ESET malware researcher Matthieu Faou spotted malicious JavaScript code on up to 700,000 websites. The code was intended to replace the destination Bitcoin address of transfers with an address belonging to the hackers. StatCounter removed the malicious script on November 6, several hours before the Gate.io cryptocurrency exchange platform stopped using the popular analytics service to prevent further damage.Gate.io also urged its customers to maximize the security levels on their accounts by enabling two-factor authentication (2FA) and two-step login protection.
Source: https://thehackernews.com/2018/11/statcounter-cryptocurrency-cyberattack.html