It’s very likely that one of the biggest risks towards cryptocurrency credibility rests in the fairly large number of attackers targeting digital currency exchanges and wallets. While the number is certainly not big enough to put you on high alert, it can’t be ignored either.
Recent reports indicate the security of wallet provider GateHub has been breached by attackers, who managed to get away with roughly $10 million-worth of XRP. Initially, GateHub only made a preliminary statement concerning the hack, yet it seems that more details are becoming available.
The initial statement announcing the hack read: “Recently, we have been notified by our
customers and community members about funds on their XRP Ledger wallets being
stolen and immediately started monitoring network activity and conducted an
extensive internal investigation.”
A full story on how the hack was carried out is not yet available,
but GateHub has shared some of its initial findings. With this in mind, there’s
no trace of brute forcing on the wallet’s service, nor were there any suspicious
logins. However, the GateHub security team has detected a suspicious number of
API calls, backed by valid access tokens. The access tokens were disabled right
after the API calls stopped. They originated from several IP addresses, and may
serve as a lead in determining how the attackers obtained the encrypted secret
keys.
While this is certainly a step forward, GateHub cannot currently
explain how hackers gained access to all other necessary data used to decrypt
the keys in question.
However, the attack might be linked to Ledger wallets being hosted
on GateHub. Preliminary findings showcase that 100 XRP Ledger wallets were fully-compromised,
with all available XRP being stolen.
Thomas Silkjær, an XRP
community member, and one of the first individuals to get in touch with GateHub
after the attack, stated that: “On June 1 we were made aware of a theft of
201,000 XRP … and immediately started investigation. It turned out that the
account robbed was managed through Gatehub.net, and that the offending accounts
(r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k) had stolen substantial amounts from
several other XRP accounts, likely to be or have been managed through
Gatehub.net.”
GateHub has announced that it is following procedure, and doing
everything in its power to figure out how the breach occurred. It hopes to
achieve this by collaborating with law enforcement and an IT forensics team. The
wallet service has also contacted all potentially-affected users with
instructions on how to protect their remaining funds.
Analysis has concluded that the stolen XRP has already been laundered through cryptocurrency exchanges and coin mixers, to reduce the effectiveness of tracking efforts. After news of the attack appeared publicly, XRP prices started a steady decline. The coin is currently trading at -4.30%.
Based on everything that has been outlined so far, this hack is yet another alarm calling for a smarter approach towards ensuring the security of cryptocurrency exchanges and wallets. After all, it’s a pity that most cryptocurrencies offer advanced security, yet exchanges are constantly targeted and affected.