Ripple friendly wallet, Gatehub.net has reportedly experienced a security breach leading to the loss of about 23 million XRP (appr. $9.2 million) from over 80-90 victims so far.
The security breach was noticed by Thomas Silkjær, a Ripple enthusiast and creative 2K/DENMARK on June 1, 2019. According to Silkjær’s publication on XRP Forensic medium page, a transaction of 201,000 XRP was first sent between two wallets.
The theft of 201,000 XRP was in a Gatehub.net account, and the attackers’ account (r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k) likely stole from other XRP accounts on Gatehub. This news is coming just a few days after Ripple announced they paid a $9 transaction fee on 200 Million XRP transfer.
Furthermore, Silkjær gave a list of 12 accounts that were likely used to launder the stolen money. After the theft, the first transaction occurred on May 30, 2018, at 12:25 UTC. The suspected account received 10,000 XRP through that transaction.
Silkjær’s report also revealed that about 13,100,000 XRP have “already been laundered through exchanges and mixer services.” The story goes on to list possible ways the theft may have occurred, including browser client hacks, phishing, gatehub account hacks, repeating once, and incremental nonces.
The report also encourages victims to contact info@xrpforensics.org. With Silkjær stating,
“We strongly advise victims to file a complaint with relevant authorities in their jurisdictions.”
The XRP community is filled with praise for the works of XRP Forensics for bringing light to such a disaster. Other victims are speaking up as well with one Twitter user saying, “I’ve got lost around 2M XRP at @GateHub Aug 2016. They totally didn’t help me.”
When queried about the breach, GateHub admitted it but said they were still not sure of the contributing factors.
The exchange subsequently responded on XRP chat forum stating that the API requests for the victim’s accounts were all authorized with a valid access token. They also said that investigations are underway and they couldn’t post any official conclusions yet.
[ajax_load_more post_type=”post” scroll_distance=”150″ images_loaded=”true”]
