Brother
Professional
- Messages
- 2,590
- Reaction score
- 539
- Points
- 113
The attackers hacked the GateHub cryptocurrency service and withdrew 23.2 million Ripple coins (XRP) worth a strand of $ 9.5 million from users' wallets. The attack began on June 1, in total, the criminals used 12 addresses and hacked 80-90 user wallets.
The incident is currently being investigated. Presumably, the criminals used the GateHub API to carry out attacks, but so far the company cannot say how exactly they managed to carry out theft.
“We have seen an increased number of API requests (with valid access tokens) originating from multiple IP addresses, which may explain how the attacker gained access to encrypted private keys. However, this does not explain how he was able to obtain the information needed to decrypt the keys, ” GateHub said in a statement. The company added that all access tokens were revoked on the day of the attack, June 1.
According to a member of the anti-fraud team at XRP Forensics, the attacker received significant amounts from multiple XRP accounts, which were likely managed through Gatehub.net. He added that approximately 13 million XRP ($ 5.3 million) have already been withdrawn through exchanges or laundered through mixer services that obfuscate transactions. The team was also unable to determine how the attack was carried out.
Over the past two days, this is the second case of theft of funds from cryptocurrency wallets. As it became known, the developer of the Agama cryptocurrency wallet, Komodo, in order to protect users from hackers, itself hacked their wallets and transferred the cryptocurrency stored in them (8 million KMD and 96 bitcoins) to its own wallet.
