Report: Nearly $10 Million in XRP Stolen in GateHub Hack
Hackers have reportedly compromised nearly 100 XRP Ledger wallets on cryptocurrency wallet service GateHub. The incident was announced by GateHub in a preliminary statement on June 6.
In the statement, GateHub reveals that it was notified by some of its customers and community members that funds on their wallets had been stolen. The company estimates that hackers managed to compromise around 100 XRP Ledger wallets.
Although the company did not initially identify any nefarious activities on its platform, it began an investigation on the matter, wherein it discovered increased application programming interface (API) calls coming from a small number of IP addresses. This could purportedly be the way the culprit got access to encrypted secret keys.
Community member Thomas Silkjær — one of those who warned GateHub about the breach — published a report on the hack, revealing that:
“On June 1 we were made aware of a theft of 201,000 XRP … and immediately started investigation. It turned out that the account robbed was managed through Gatehub.net, and that the offending account (r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k) had stolen substantial amounts from several other XRP accounts, likely to be or have been managed through Gatehub.net.”
Silkjær states that as of June 5, approximately 23,200,000 XRP (nearly $9.5 million at press time) were stolen from 80–90 victims, of which around 13,100,000 XRP ($5.37 million) had already been laundered through exchanges and mixer services.
GateHub notes that it is still conducting the investigation, and thus cannot post any official conclusions.
As reported earlier this month, blockchain intelligence firm Chainalysis claimed that 64% of ransomware attack cash-out strategies involve the laundering of funds via cryptocurrency exchanges. Among other ransomware cash-out strategies analyzed, 12% involved mixing services and 6% involved peer-to-peer networks, while others went via merchant services providers or dark web marketplaces. 9% of ransomware proceeds reportedly remain unspent.