Hackers steal $9.5 million from GateHub cryptocurrency wallets

Unofficial investigation puts the number of victims between 80 and 90 users. Unknown how hackers stole users' funds.
Written by Catalin Cimpanu, Contributor

Hackers have stolen 23.2 million Ripple coins (XRP), worth nearly $9.5 million, from the users of the GateHub cryptocurrency wallet service.

The company admitted to the security breach in a preliminary statement posted on its website.

While staff are still investigating the incident that led to customer funds being siphoned from GateHub wallets, the company said it believes the hacker abused its API to carry out the attacks, although it is unsure how.

"We have however detected an increased amount of API calls (with valid access tokens) coming from a small number of IP addresses which might be how the perpetrator gained access to encrypted secret keys," the company said.

"That, however, still doesn't explain how the perpetrator was able to gain other required information needed to decrypt the secret keys.

"All access tokens were disabled on June 1st after which the suspicious API calls were stopped," GateHub said.
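
As an added illustration (not code from GateHub or XRP Forensics), the signal described in the statement, valid access tokens for many accounts arriving from a small number of IP addresses, can be checked in API logs along these lines. The log record layout, the threshold and the one-hour window are assumptions, and the sample records are constructed.

```python
from collections import Counter, defaultdict, deque

def flag_ips(records, max_accounts=5, window_s=3600):
    """Return {ip: peak distinct accounts seen in any window} for IPs over the limit.

    records: iterable of (unix_ts, source_ip, account_id, token_valid) tuples.
    This layout is an assumption for the example, not GateHub's log format.
    """
    by_ip = defaultdict(list)
    for ts, ip, account, token_valid in records:
        if token_valid:  # rejected tokens are a separate (guessing) signal
            by_ip[ip].append((ts, account))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        window, in_window, peak = deque(), Counter(), 0
        for ts, account in events:
            window.append((ts, account))
            in_window[account] += 1
            # Drop calls that have aged out of the sliding window.
            while window[0][0] <= ts - window_s:
                _, old = window.popleft()
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
            peak = max(peak, len(in_window))
        if peak > max_accounts:
            flagged[ip] = peak
    return flagged

def sample_records():
    """Constructed log data; addresses are from documentation ranges."""
    recs = []
    for i in range(30):   # ordinary users: one account per address, repeat calls
        recs += [(1000 + 600 * k + i, f"198.51.100.{i + 1}", f"acct-{i}", True)
                 for k in range(4)]
    for i in range(3):    # small office behind one NAT address
        recs.append((2000 + i, "192.0.2.10", f"acct-office-{i}", True))
    for i in range(20):   # rejected tokens: ignored by this rule
        recs.append((3000 + i, "192.0.2.99", f"acct-{i}", False))
    for i in range(40):   # one address presenting valid tokens for 40 accounts
        recs.append((5000 + 10 * i, "203.0.113.7", f"acct-{i}", True))
    return recs

if __name__ == "__main__":
    for ip, n in flag_ips(sample_records()).items():
        print(f"{ip}: valid tokens for {n} distinct accounts within one hour")
```

Because every call in this pattern carries a valid token, authentication-failure alerts stay silent; the per-address count of distinct accounts is what separates it from ordinary traffic.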

Community tracked down hackers

A report published by XRP Forensics, a group of XRP community members working to prevent and counter scams on the XRP Ledger, included more details about the thefts, such as a history of suspicious transactions and 12 of the XRP addresses to which the hacker collected the stolen funds.

"As of writing this report, 2019-06-05 16:00 UTC, we gather that ~23,200,000 XRP has been stolen from 80-90 victims, of which ~13,100,000 XRP have already been laundered through exchanges and mixer services," said Thomas Silkjær, a member of the XRP Forensics team.

Silkjær also couldn't pinpoint the method through which hackers stole the XRP funds from GateHub accounts.

GateHub said it notified law enforcement and promised to post an official statement after the internal investigation is completed.

This is the second security incident affecting the cryptocurrency community to come to light today. Earlier today, the Komodo Platform admitted to hacking its own users to move funds from backdoored wallets before hackers could get a chance to steal users' money. The company will allow users to reclaim their funds.
