The attackers broke into GateHub’s cryptocurrency service and pulled out 23.2 million Ripple (XRP) coins from users ‘wallets for an amount of $ 9.5 million. The attack began on June 1, a total of 12 addresses were used by the criminals and 80-90 users’ wallets were hacked. An incident is under investigation. Presumably, the criminals used API GateHub to carry out attacks, but so far the company cannot say exactly how they managed to carry out the theft.
“We have recorded an increased number of API requests (with valid access tokens) emanating from several IP addresses, which can explain how the offender got access to encrypted secret keys. However, this does not explain how he managed to obtain the information needed to decrypt the keys, ”the GateHub said in a statement. The company added that all access tokens were withdrawn on the day of the attack, June 1
According to a member of the XRP Forensics team specializing in countering fraud, the attacker received significant amounts from several XRP accounts that were probably managed through Gatehub.net. He added that approximately 13 million XRP ($ 5.3 million) had already been withdrawn through exchanges or laundered through services mixers that confuse transactions. The team also failed to determine how the attack was made.
Over the past two days, this is the second case of theft of funds from cryptocurrency wallets. As it became known, the developer of the Agama cryptocurrency wallet, Komodo, in order to protect users from hackers, broke into their wallets and transferred the cryptocurrency stored in them (8 million KMD and 96 bitcoins) to their own wallet.