Unknown Hacker Attempted to Hack Etherscan Through Comments Section
July 24, 2018
Etherscan, an Ethereum network explorer, has become a target of another hack attempt. An unknown attacker tried to use the comment section to inject malicious code.
After studying the issues, Etherscan developers found, that the source of the attack came from the comment section of the website. It was supported by a third-party service called Disqus.
Etherscan disabled Disqus comments at the footer and announced on Reddit, that they are already working on patch that will encapsulate the footer HTML and will make impossible to attack the website in that way in the future.
MyCrypto developer Michael Hahn said: