It’s very likely that one of the biggest risks towards cryptocurrency credibility rests in the fairly large number of attackers targeting digital currency exchanges and wallets. While the number is certainly not big enough to put you on high alert, it can’t be ignored either.
Recent reports indicate the security of wallet provider GateHub has been breached by attackers, who managed to get away with roughly $10 million-worth of XRP. Initially, GateHub only made a preliminary statement concerning the hack, yet it seems that more details are becoming available.
The initial statement announcing the hack read: “Recently, we have been notified by our customers and community members about funds on their XRP Ledger wallets being stolen and immediately started monitoring network activity and conducted an extensive internal investigation.”
A full story on how the hack was carried out is not yet available, but GateHub has shared some of its initial findings. With this in mind, there’s no trace of brute forcing on the wallet’s service, nor were there any suspicious logins. However, the GateHub security team has detected a suspicious number of API calls, backed by valid access tokens. The access tokens were disabled right after the API calls stopped. They originated from several IP addresses, and may serve as a lead in determining how the attackers obtained the encrypted secret keys.
While this is certainly a step forward, GateHub cannot currently explain how hackers gained access to all other necessary data used to decrypt the keys in question.
However, the attack might be linked to Ledger wallets being hosted on GateHub. Preliminary findings showcase that 100 XRP Ledger wallets were fully-compromised, with all available XRP being stolen.
Thomas Silkjær, an XRP community member, and one of the first individuals to get in touch with GateHub after the attack, stated that: “On June 1 we were made aware of a theft of 201,000 XRP … and immediately started investigation. It turned out that the account robbed was managed through Gatehub.net, and that the offending accounts (r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k) had stolen substantial amounts from several other XRP accounts, likely to be or have been managed through Gatehub.net.”
GateHub has announced that it is following procedure, and doing everything in its power to figure out how the breach occurred. It hopes to achieve this by collaborating with law enforcement and an IT forensics team. The wallet service has also contacted all potentially-affected users with instructions on how to protect their remaining funds.
Analysis has concluded that the stolen XRP has already been laundered through cryptocurrency exchanges and coin mixers, to reduce the effectiveness of tracking efforts. After news of the attack appeared publicly, XRP prices started a steady decline. The coin is currently trading at -4.30%.
Based on everything that has been outlined so far, this hack is yet another alarm calling for a smarter approach towards ensuring the security of cryptocurrency exchanges and wallets. After all, it’s a pity that most cryptocurrencies offer advanced security, yet exchanges are constantly targeted and affected.
Featured image via BigStock.