[06-07-2019] GateHub hacked, nearly $10 million has been stolen

[bbc.reporter]

I reckon this must be hard for the owners of Gatehub and certainly very hard for its users. However, that is what you risk in a system that requires the necessity for trust.

Inside job, incompetence, exit scam, I do not know anymore.


Yellow: Exchanges and accounts used to cash out. Blue: Victims. Red: 9 suspected accounts


Today GateHub released an official response to the event, saying it has contacted all customers whose wallets are believed to be affected (about 100), adding that anyone who has not been contacted should be safe.

They admit the investigation is still underway, and do not currently know how the breach occurred. From their response:

"API requests to the victim’s accounts were all authorized with a valid access token. There were no suspicious logins detected, nor there were any signs of brute forcing.

We have however detected an increased amount of API calls (with valid access tokens) coming from a small number of IP addresses which might be how the perpetrator gained access to encrypted secret keys.

That, however, still doesn’t explain how the perpetrator was able to gain other required information needed to decrypt the secret keys.

All access tokens were disabled on June 1st after which the suspicious API calls were stopped."

Exchanges being used to move the money include Huobi, Kucoin and even Binance. The researchers claim they have been in communication with the exchanges which are being used for laundering.

At this time it isn't clear how the hack was possible or if there is any path to get the funds back, but it seems unlikely.

Read in full https://www.chepicap.com/en/news/10325/gatehub-hacked-nearly-10-million-in-xrp-has-been-stolen.html

[CryptoBry]

I am always sad to see another cryptocurrency exchange become a victim of the hackers as this can surely undermine the trust and confidence of the users to many platforms in this industry. People are surely thinking how safe are their coins and tokens with the exchange they are using. As what I said, the Binance hack was not the first nor will be the last. How long will this phenomenon be occurring? Nobody has the answer as this scourge many consider to be the main risk that an exchange is facing all days all nights. What is more alarming is that hackers are now using more sophisticated way of getting in where detection can be difficult...the hackers are evolving that is why I consider them two steps ahead of the game...

Let's hope that GateHub has set-up an emergency fund to cover the loss of innocent users -- similar to what Binance has which should now be the standard in the industry, if I may add. By the way, beautiful looking diagram, though it is deadly.

[Kemarit]

Just to be clear, it was not Bitcoin that was stolen here, maybe someone here will read the article and thought that its Bitcoin, it was XRP that was stolen on Gatehub. And this is the original source of the story if I'm not mistaken, (https://medium.com/xrp-forensics/overview-of-the-gatehub-hack-f88a441c9203), and to summarize where some of the XRP went, after according to the article:

Services used to cash out (not complicit)

We have identified some of the largest recipients (rounded figures):

    changelly.com: 6,000,000 XRP
    changenow.io: 3,250,000 XRP
    kucoin.com: 1,500,000 XRP
    huobi.com: 930,000 XRP
    exmo.me: 135,000 XRP
    hitbtc.com: 115,000 XRP
    binance.com: 110,000 XRP
    alfacashier.com: 50,000 XRP

You can also find their preliminary statement here: (https://gatehub.net/blog/gatehub-preliminary-statement/)

@CryptoBry - as I have said, hackers will always be one step ahead of this game. We really don't know when they are going to strike, seems though that XRP is not affected as it continued to be pump with a 2%-4% increased in the last 24 hours.

[shamc]

ÞE solution is to not allow third party API connections. These seem to be the root of all hacks so just prevent them and keep our coins safe instead

[bbc.reporter]

@Kemarit. It appears that bitcoin's 10 minute confirmation times and requiring 3 to 6 confirmations before reflecting the coins in your account is an advantage hehehe. It will give exchanges more time to react and freeze the account if something is wrong.

[Sithara007]

@Kemarit. It appears that bitcoin's 10 minute confirmation times and requiring 3 to 6 confirmations before reflecting the coins in your account is an advantage hehehe. It will give exchanges more time to react and freeze the account if something is wrong.

Never thought like that, but what you are saying is very valid. The delay in confirmation gives enough time for the robbery/hack victims to contact the crypto-exchange owners and freeze the funds (provided the exchange owners are willing to do so). But in case the thieves manage to mix the coins, then things gets a lot complex.