
GateHub hacked, nearly $10 million in XRP has been stolen

chepicap.com, 06 June 2019 23:05 UTC

XRP Forensics researcher Thomas Silkjær recently announced that a theft had occurred on the crypto wallet service GateHub, to the tune of about 23,200,000 XRP, or almost $10,000,000. This has prompted a "preliminary response" and investigation from the service, though what happens next is unclear.

The issue was originally chronicled in the XRP Forensics blog, though the researchers also reached out to GateHub. According to the post, on June 1st a theft of 201,000 XRP was detected and soon determined to have come from a GateHub wallet, which prompted investigators to look deeper. Before long, it was clear that several wallets on the service appeared to have been compromised.

According to the blog:

"As of writing this report, 2019–06–05 16:00 UTC, we gather that ~23,200,000 XRP has been stolen from 80–90 victims, of which ~13,100,000 XRP have already been laundered through exchanges and mixer services."

Today GateHub released an official response to the event, saying it has contacted all customers whose wallets are believed to be affected (about 100), adding that anyone who has not been contacted should be safe.

They admit the investigation is still underway, and do not currently know how the breach occurred. From their response:

"API requests to the victim’s accounts were all authorized with a valid access token. There were no suspicious logins detected, nor there were any signs of brute forcing.

We have however detected an increased amount of API calls (with valid access tokens) coming from a small number of IP addresses which might be how the perpetrator gained access to encrypted secret keys.

That, however, still doesn’t explain how the perpetrator was able to gain other required information needed to decrypt the secret keys.

All access tokens were disabled on June 1st after which the suspicious API calls were stopped."
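The signal GateHub describes (valid tokens, no failed logins, but unusual call volume from a few IP addresses) is one that login-failure alerting does not catch. As an added example, not GateHub's code and with the log format, thresholds and all values constructed for illustration, the following Python flags source IPs whose valid-token requests touch many distinct accounts within a short window:

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, source IP, account id, token status.
# The format and every value here are invented for illustration.
SAMPLE_LOG = """\
2019-05-31T22:00:05Z 198.51.100.7 acct-001 valid
2019-05-31T22:01:10Z 203.0.113.20 acct-010 valid
2019-05-31T22:02:30Z 198.51.100.7 acct-002 valid
2019-05-31T22:03:00Z 198.51.100.7 acct-003 valid
2019-05-31T22:04:45Z 203.0.113.20 acct-010 valid
2019-05-31T22:05:15Z 198.51.100.7 acct-004 valid
2019-05-31T22:06:00Z 198.51.100.7 acct-005 valid
2019-05-31T22:07:00Z 192.0.2.50 acct-020 valid
2019-06-01T00:07:00Z 192.0.2.50 acct-021 valid
2019-06-01T02:07:00Z 192.0.2.50 acct-022 valid
2019-06-01T04:07:00Z 192.0.2.50 acct-023 valid
"""

def parse(line):
    ts, ip, account, status = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, account, status

def fan_out_ips(log_text, window=timedelta(hours=1), max_accounts=3):
    """Return {ip: peak distinct accounts} for IPs whose valid-token calls
    touched more than max_accounts distinct accounts inside any window."""
    per_ip = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, ip, account, status = parse(line)
        if status == "valid":  # failed auth is a separate signal; none was seen here
            per_ip[ip].append((ts, account))
    flagged = {}
    for ip, events in per_ip.items():
        events.sort()
        start = peak = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            peak = max(peak, len({a for _, a in events[start:end + 1]}))
        if peak > max_accounts:
            flagged[ip] = peak
    return flagged

if __name__ == "__main__":
    print(fan_out_ips(SAMPLE_LOG))
```

The window matters: the constructed address 192.0.2.50 reaches four accounts but spread over six hours, so it is only flagged when the window is widened.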

Meanwhile XRP Forensics has been watching where the funds are going, creating a basic map of the transactions:

Yellow: Exchanges and accounts used to cash out. Blue: Victims. Red: 9 suspected accounts. Note: A few victims may have not been channeled through the suspect accounts and have had funds sent directly to exchanges.

Exchanges being used to move the money include Huobi, Kucoin and even Binance. The researchers claim they have been in communication with the exchanges which are being used for laundering.

At this time it isn't clear how the hack was possible or if there is any path to get the funds back, but it seems unlikely. In the meantime, stick with Chepicap for all updates!
