at3n Posted June 4, 2019 Share Posted June 4, 2019 4 minutes ago, BAX said: Do we know if they stole other assets beside XRP, I see that Gatehub have also BTC,BCH,ETH,ETC,REP and Dash? The other assets are worth total $17 mil of today prices. https://gatehub.net/stats Can't imagine that would be worth trying to steal the IOUs, Gatehub could freeze them on the hackers' wallets, and no way to redeem them without identifying yourself. You'd need to trade them for XRP before you were frozen, and there's not that much liquidity available for trading. Link to comment Share on other sites More sharing options...
at3n Posted June 4, 2019 Share Posted June 4, 2019 (edited) 8 minutes ago, Borry said: One thing is noteworthy about GH. Under "show secret key" you can simply see / get the ripple secret key. So, yes its stored somewhere (encrypted I hope?) But its definitely going via GHs website. Maybe the hackers found a way to retrieve this information. Anyway, this should be changed or at least removed (or only sent to the confirmed mail address). The encrypted secret is sent to the browser and the browser decrypts it, that's been my understanding. Transactions are signed in the same way. That's why you need to enter your password a second time in order to see the secret key or send a transaction, because Gatehub doesn't know the password. The decrypted key should not make its way back to Gatehub, although it could be visible to malware on the client's PC. Edit: Sure as hell wouldn't want my secret key sent in an email! Edited June 4, 2019 by at3n Borry and horax12 2 Link to comment Share on other sites More sharing options...
Munkibyte Posted June 4, 2019 Share Posted June 4, 2019 No, my wallet was not imported from anywhere else. I created the account on Gatehub a couple years ago, imported Bitcoin, traded for XRP, put in the Gatehub wallet, set up all the security, then have never went back in until I get the email from Gatehub saying I was hacked. Link to comment Share on other sites More sharing options...
Hero_Member Posted June 4, 2019 Share Posted June 4, 2019 7 minutes ago, Munkibyte said: No, my wallet was not imported from anywhere else. I created the account on Gatehub a couple years ago, imported Bitcoin, traded for XRP, put in the Gatehub wallet, set up all the security, then have never went back in until I get the email from Gatehub saying I was hacked. This pretty much rules out phising/malware, as you need to login to get the password.. Selective 1 Link to comment Share on other sites More sharing options...
jlripple Posted June 4, 2019 Share Posted June 4, 2019 55 minutes ago, BAX said: Its gatehub.net And the thefts didn't need to bypass 2FA because most likely they got the secret keys somehow. All the victims never got emails that someone is logging from different IP. If all the victims here are imported wallets from RippleTrade, the problem might be coming from RippleTrade not Gatehub!!! Could guys share if your stolen wallets were imported from RippleTrade? My wallet was created with gatehub account it's a new wallet Selective 1 Link to comment Share on other sites More sharing options...
ZeeperCreeper Posted June 4, 2019 Share Posted June 4, 2019 This is effed up situation. It's really sad to see so many people loose their investments for scumbag thieves. I'd be completely gutted if someone stole the stack I've been adding to month after month from my hard earned paycheck. I sincerely hope those ******** will be caught and the funds returned to rightful owners, however unlikely it seems. As all current evidence points to a weakness with gatehubs cybersecurity, I find their current response to the situation utterly dissatisfying. Lamberth, LittleLordFauntleroy, Kiwi and 6 others 9 Link to comment Share on other sites More sharing options...
jlripple Posted June 4, 2019 Share Posted June 4, 2019 49 minutes ago, 2ndtimearound said: Yes it's unlikely but kept as a possibility. Having said that, how can it be that gatehub.net are saying "you got hacked, sorry for your loss" before an investigation has taken place? Have they no responsibilities here? Did they say that? I just got a mail from then informing about the security breach Link to comment Share on other sites More sharing options...
jlripple Posted June 4, 2019 Share Posted June 4, 2019 I noticed one thing though Funds moved by the hackers only consumed Fee0.000012 XRP But if I were to do it from the gatehub ui it always cost Fee0.000015 XRP minimum. Coincidence? Selective 1 Link to comment Share on other sites More sharing options...
Hero_Member Posted June 4, 2019 Share Posted June 4, 2019 1 hour ago, jlripple said: Then basically we're screwed 2x Once for migrating to gatehub another exit scam Pretty sure its not an exit scam, but it could very well be an inside job. If anyone reported sick today... 2ndtimearound 1 Link to comment Share on other sites More sharing options...
smoothy Posted June 4, 2019 Share Posted June 4, 2019 2 minutes ago, jlripple said: I noticed one thing though Funds moved by the hackers only consumed Fee0.000012 XRP But if I were to do it from the gatehub ui it always cost Fee0.000015 XRP minimum. Coincidence? well, they did not use the gatehub ui. They somehow got hold of the secret keys of accounts migrated to, or created at gatehub. And with the secret key, you can use whatever wallet you want to transfer funds. Link to comment Share on other sites More sharing options...
2ndtimearound Posted June 4, 2019 Share Posted June 4, 2019 19 minutes ago, ZeeperCreeper said: As all current evidence points to a weakness with gatehubs cybersecurity, I find their current response to the situation utterly dissatisfying. Absolutely. From their hom page : "Safely stored in one of your trusted gateways. We make sure your money is always safe and 100% backed." And when money is stolen through no fault of the customer whatsoever, they say "sorry for your loss". LetHerRip 1 Link to comment Share on other sites More sharing options...
jlripple Posted June 4, 2019 Share Posted June 4, 2019 2 minutes ago, smoothy said: well, they did not use the gatehub ui. They somehow got hold of the secret keys of accounts migrated to, or created at gatehub. And with the secret key, you can use whatever wallet you want to transfer funds. Then the claim about gatehub not knowing our secret keys is not true then. This is scary ****. Link to comment Share on other sites More sharing options...
2ndtimearound Posted June 4, 2019 Share Posted June 4, 2019 25 minutes ago, jlripple said: Did they say that? I just got a mail from then informing about the security breach To me this : "We must inform you that due to irreversibility of the XRP Ledger transactions, we unfortunately can't refund your losses." ...reads as "sorry for your loss, we wash our hands of the event, and merely let you know it happened". Link to comment Share on other sites More sharing options...
jlripple Posted June 4, 2019 Share Posted June 4, 2019 4 minutes ago, 2ndtimearound said: To me this : "We must inform you that due to irreversibility of the XRP Ledger transactions, we unfortunately can't refund your losses." ...reads as "sorry for your loss, we wash our hands of the event, and merely let you know it happened". Painful lesson very painful Link to comment Share on other sites More sharing options...
Hero_Member Posted June 4, 2019 Share Posted June 4, 2019 3 minutes ago, 2ndtimearound said: To me this : "We must inform you that due to irreversibility of the XRP Ledger transactions, we unfortunately can't refund your losses." ...reads as "sorry for your loss, we wash our hands of the event, and merely let you know it happened". Well, that would be the case if you somehow got your pc infected, and someone got hold of your private key. In this case it looks like the Gatehub security was breached, so we will have to wait and see what happens... Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now