Unknown Hackers Steal Nearly $9.5 Million in Cryptocurrency from GateHub User Wallets
On June 1, 2019, unknown attackers breached the cryptocurrency service GateHub and withdrew 23.2 million Ripple (XRP) coins from user wallets, totaling approximately $9.5 million. The criminals used 12 different addresses and managed to hack between 80 and 90 user wallets during the attack.
An investigation into the incident is currently underway. It is believed that the attackers exploited the GateHub API to carry out the theft, but the company has not yet determined exactly how the breach was accomplished.
“We detected an increased number of API requests (with valid access tokens) coming from several IP addresses, which may explain how the attacker gained access to encrypted secret keys. However, this does not explain how they obtained the information needed to decrypt the keys,” GateHub said in a statement. The company added that all access tokens were revoked on the day of the attack, June 1.
According to a member of the XRP Forensics team, which specializes in combating fraud, significant amounts of XRP were sent to the attacker’s address from several accounts likely managed through Gatehub.net. He added that about 13 million XRP (worth $5.3 million) had already been withdrawn through exchanges or laundered using mixing services that obscure transactions. The team was also unable to determine exactly how the attack was carried out.
This is the second case of cryptocurrency wallet theft in the past two days. It was recently reported that the developer of the Agama cryptocurrency wallet, Komodo, hacked its own users’ wallets to protect them from hackers, transferring the stored cryptocurrency (8 million KMD and 96 bitcoins) to its own wallet for safekeeping.