Hackers have reportedly stolen nearly $10 million worth of Ripple (XRP) from about 100 XRP ledger wallets on GateHub, as reported in a preliminary statement issued by the CEO of crypto wallet service provider, Enej Pungercar, on June 6.
Gatehub disclosed, in the statement, that they were notified by customers whose wallets were compromised. Estimated count of all affected users was about 100, but the platform has stated that it has not been confirmed that all the affected XRP wallets were hosted on GateHub.
API Calls Not Brute Force or Suspicious Logins
At first, the company couldn’t point its finger towards any nefarious activity on the platform but when it dug deeper, it formed a hypothesis of possible ways the attackers got access to the encrypted keys. It wasn’t through brute force or suspicious logins. The company stated that they discovered an increase in application programming interface (API) calls coming from a small number of IP addresses.
Gatehub is reportedly still working with law enforcement and other security professionals to figure out what happened and whether their system remains at risk. The firm hopes to get things back to normal soon. Gatehub community member, Thomas Silkjær, who reportedly warned the platform about a possible breach, published a report about the hack, stating that:
“On June 1 we were made aware of a theft of 201,000 XRP (transaction F6E9E1385E11649A6C2F88723A821AF209B54030886539DCEF9DDD00E6446948) and immediately started investigation. It turned out that the account robbed was managed through Gatehub.net, and that the offending account (r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k) had stolen substantial amounts from several other XRP accounts, likely to be or have been managed through Gatehub.net”.
Silkjær also disclosed that approximately 23,200,000 XRP had been stolen from 80–90 victims, of which 13,100,000 XRP have been laundered through exchanges and mixer services, as at the time that the report was published.
Disabling Access Tokens
To prevent further breaches, Gatehub has disabled all access tokens on June 1st after the suspicious API calls were stopped.
However, the question on the minds of the cryptocurrency owners at large is whether the platform will regain the trust that their users invested in them and their platform, as breaches like this may be hard to recover from. Now that users have been urged to suspend activities on their GateHub XRP wallets, subscriber numbers will definitely take a plunge, and many may resort to alternative web wallet services.
While it is admirable that the management decided to be transparent with their information sources, it does not speak well of Gatehub’s administration and security that the users noticed the breach before they did, so that may not work in their favor as well.
With this incident, 2019 seems to be quickly gaining ground as the year of crypto hacks. Increasing reports of hacks and breaches are circulating, and while it may be an indicator of the growth in the cryptocurrency sector in more countries, it is also a signal that security on exchange platforms and wallet providers needs to step up.
Plus, for new crypto investors, picking a platform to get a web wallet could become a problem.
One wallet provider who won’t lose sleep thinking about hackers is Komodo. The crypto wallet provider successfully hacked its own customers, following notification of a potential breach that could have resulted in the theft of funds worth nearly $13 million, broken down to 8 million komodo (KMD) tokens and 96 bitcoin.