Approximately 100 XRP Ledger wallets hosted on GateHub, a cryptocurrency wallet service provider built upon the XRP Ledger protocol, have suffered a massive security breach, gifting bad actors nearly $10 million worth of XRP tokens, according to a blog post on June 6, 2019.
As stated in its blog post, the GateHub team says users have reported that their XRP Ledger wallets were compromised, with large amounts of digital tokens missing from their wallets.
Despite launching an “extensive internal investigation” and monitoring the network activity, GateHub says it is still unable to find any vulnerability on its part that may have led to or facilitated the heist.
However, the GateHub team has apologized to its customers nonetheless and has pledged to keep working round the clock to unravel the mystery behind the ugly incident.
Enej Pungercar, Founder and CEO of GateHub, said:
“Though we are yet to identify any action or omission by GateHub that may have facilitated or allowed this theft to occur, we apologize deeply to all our users for this issue and pledge to get to the bottom of it all.”
Suspicious API Calls
Importantly, Pungercar has noted that the ongoing investigations have revealed that there were a couple of API requests to the victims’ accounts which were “all authorized with a valid access token” and there were no suspicious logins or brute force attacks detected.
There has also been a significant increase in the number of API calls with valid access tokens, from a small number of IP addresses, giving the team reason to think the hackers may have gained access to the encrypted keys by this means.
Even if the above assumption turns out to be valid, it still doesn’t answer how the hackers got the other credentials needed to decrypt the secret keys.
After disabling all access tokens on June 1, 2019, the suspicious API calls came to an abrupt end, said the team, adding:
“We’ve sent emails to users that might be affected by the suspicious API calls with instructions on how to protect their digital assets. If you have not received an email from us, then we have no reason to believe your account was compromised.”
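The signal described above, valid-token API calls for many accounts coming from a small number of IP addresses, can be checked in API access logs by counting distinct accounts per source IP, which also yields the list of users to notify. This is an added example, not GateHub's code; the log format, account ids, endpoints and threshold are assumptions, and the log lines are constructed.

```python
from collections import defaultdict

# Constructed sample log, one request per line:
#   timestamp source_ip account_id token_status endpoint
# The format, account ids and endpoints are assumptions for this example.
SAMPLE_LOG = [
    "2019-05-30T10:00:01Z 198.51.100.7 acct-001 valid /wallets",
    "2019-05-30T10:00:05Z 198.51.100.7 acct-001 valid /balances",
    "2019-05-30T10:01:12Z 198.51.100.9 acct-002 valid /wallets",
    "2019-05-30T10:02:40Z 198.51.100.9 acct-003 valid /wallets",
    "2019-05-30T10:03:00Z 192.0.2.44 acct-010 invalid /wallets",
    "truncated line",
] + [
    f"2019-05-31T02:00:{i:02d}Z 203.0.113.5 acct-{100 + i} valid /wallets"
    for i in range(6)
]


def fan_out_by_ip(lines):
    """Return {ip: set(accounts)} and {ip: call count} for valid-token calls."""
    accounts, calls = defaultdict(set), defaultdict(int)
    for line in lines:
        fields = line.split()
        if len(fields) != 5:          # skip malformed or truncated records
            continue
        _ts, ip, account, status, _endpoint = fields
        if status != "valid":         # rejected tokens are a different signal
            continue
        accounts[ip].add(account)
        calls[ip] += 1
    return accounts, calls


def suspicious_ips(lines, max_accounts=3):
    """IPs whose valid tokens span more accounts than one client plausibly owns."""
    accounts, calls = fan_out_by_ip(lines)
    return sorted((ip, len(a), calls[ip])
                  for ip, a in accounts.items() if len(a) > max_accounts)


def affected_accounts(lines, max_accounts=3):
    """Accounts reached from a flagged IP: the users to notify."""
    accounts, _ = fan_out_by_ip(lines)
    flagged = {ip for ip, _n, _c in suspicious_ips(lines, max_accounts)}
    return sorted({acct for ip in flagged for acct in accounts[ip]})


if __name__ == "__main__":
    print(suspicious_ips(SAMPLE_LOG))
    print(affected_accounts(SAMPLE_LOG))
```

The threshold needs tuning against normal traffic, since shared office or carrier NAT addresses legitimately reach several accounts.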
GateHub says it has also engaged the services of a professional IT forensics team to find out whether its platform was hacked and it has also notified the relevant law enforcement agencies of the theft.
In related news, BTCManager reported on June 7, 2019, that the Komodo (KMD) blockchain project had hacked itself in a bid to patch a hole in its Agama wallet that would have gifted fraudsters over $13 million in KMD tokens.