- Twelve GateHub accounts connected to the breach have been identified.
- It is speculated that the attack was the result of phishing, account hacks and repeating ‘nonces’.
Popular cryptocurrency wallet GateHub has been found to be breached. It is reported that the attackers made off with 23 million Ripple coins (XRP) belonging to GateHub users from this breach. The actors are believed to have used a number of methods which include phishing, account hacks and repeating ‘nonces’.
The big picture
- According to Thomas Silkjær, Creative Director at 2K/DENMARK, around 23,200,000 XRP was stolen by attackers from 80 to 90 users.
- 13 million XRP was hinted to laundered through various cryptocurrency exchanges and mixing services.
- Silkjær also speculated that the attackers used phishing, phishing, account hacks and repeating ‘nonces’.
- 12 accounts linked to the breach were identified. It is reported that the first victim was swindled of 10,000 XRP on May 2018.
Silkjær detailed the breach on a Medium blog. He mentions that the breach was noticed on June 1 when a transaction of 201,000 XRP occurred between two wallets. He also states that the attackers associated with this transaction had stolen XRP from other accounts managed on GateHub[.]net.
What actions have been taken?
Regarding the breach, GateHub stated that its conducting an internal inquiry. “Our investigation team and a professional IT forensics team are still working around the clock to complete an internal investigation. We will post an official statement soon,” Gatehub said in a tweet.