The Mystery Behind the GateHub Hack

At the end of last week, June 6th, Gatehub issued a preliminary report stating that hackers were able to steal 23.2 million XRP wallets worth about 9.5 million USD. Part of the funds are reportedly laundered already.

The report informed that investigation is still ongoing as they are still trying to solve the mystery of how the security breach occurred. It is, however, believed that GateHub’s API was abused by the hackers, which resulted in the security breach.

Suspicious API calls

GateHub has been receiving API calls frequently. It is suspected that this could be the way the perpetrators of the hack were able to gain access to the encrypted secret keys. However, the hackers had first to decrypt the secret keys for them to be able to access the funds. But still, the said API calls don’t explain how the hackers were able to obtain the relevant information to enable them to decrypt the secret keys.

The API calls are said to have had valid access tokens and originated from a few IP addresses. The access tokens were disabled as from first June, and the said suspicious API calls stopped.

Suspicious Activity Spotted

Thomas Silkjær, a member of the XRP Forensics, found out that there was suspicious activity in the transaction history and spotted that the hackers used 12 XRP addresses to gather the funds. The stolen and already laundered funds from GateHub are said to have been laundered through mixer and exchange services such as Binance and Kucoin.

Thus far, forensic experts are unable to figure out how the perpetrators were able to steal from GateHub accounts. In the report, GateHub has indicated that they have notified the authorities and conducting an internal investigation.

Another Dreadful Week in the Crypto Space

This week has been quite eventful in the crypto space – the Kamondo platform also had a security incidence. Apparently, it is said that they had hacked themselves in a bid to move 13 million from what they term as unsafe wallets before hackers could get to them. The Kamondo team has now allowed its users to reclaim their funds.

As everyone is bracing themselves to adopt the perquisites of cryptocurrency, you are highly recommended to understand how crypto wallets function as well as choose the one that works best for your needs. Nonetheless, don’t forget to back up your private and wallet keys safely. Once you lose your wallet keys either by misplacing your device or through a phishing event, that’s it; your funds are gone!

Carolyn Coley is a blockchain reporter. She joined Smartereum after graduating from UC Berkeley in 2018.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.