jlripple Posted July 12, 2019 Share Posted July 12, 2019 1 hour ago, at3n said: So, speculation... Break the hashed password (was it salted?), potentially with the help of purchased password databases from past data breaches (find other passwords linked to the same email), then use the password to decrypt the key? Where's the announcement? Via email? Link to comment Share on other sites More sharing options...
Harrryquartz Posted July 12, 2019 Share Posted July 12, 2019 6 hours ago, jlripple said: Where's the announcement? Via email? According to Gatehub they are emailing affected users and updating their website blog shortly Link to comment Share on other sites More sharing options...
jlripple Posted July 13, 2019 Share Posted July 13, 2019 Latest hack: https://asia.nikkei.com/Spotlight/Bitcoin-evolution/Hackers-snatch-32m-from-Japan-cryptocurrency-exchange-Bitpoint Swift and transparent, users compensated. Lousy gatehub. Ghobicat 1 Link to comment Share on other sites More sharing options...
Sukrim Posted July 14, 2019 Share Posted July 14, 2019 The next question I'd have would be about the exact mechanism of hashing and encryption that was used. This can range from negligent up to "well, users chose bad passwords". Harrryquartz and at3n 2 Link to comment Share on other sites More sharing options...
NightJanitor Posted July 14, 2019 Share Posted July 14, 2019 15 hours ago, Sukrim said: The next question I'd have would be about the exact mechanism of hashing and encryption that was used. This can range from negligent up to "well, users chose bad passwords". That's a good engineering question. My question would be about the timing, based solely upon someone posting way back in this thread that GateHub had recently hired a new security firm to do an audit. If that's true, then some new people just recently got access to their systems to do a code review (or some older people got nervous when they found things were about to get tighter)? That was the clue-iest thing I saw in this thread. Though, GateHub *could* have had longer knowledge of the breach and hired the team after the fact, without saying anything. kanaas 1 Link to comment Share on other sites More sharing options...
jlripple Posted July 15, 2019 Share Posted July 15, 2019 my take is someone got hold of the code to decrypt the hashed password then in turn decrypt the secret keys. how can the hacker gain access to: · Email · Hashed password · Hashed recovery key · Encrypted XRP ledger wallets secret keys (non-deleted wallets only) by means of access tokens even if users are not logged in. Tyvole 1 Link to comment Share on other sites More sharing options...
at3n Posted July 15, 2019 Share Posted July 15, 2019 1 hour ago, jlripple said: my take is someone got hold of the code to decrypt the hashed password then in turn decrypt the secret keys. There is no code to decrypt a hash, by design it's not reversible, even if you know the algorithm used to create the hash. To crack it you need some sort of brute force method, of which there are a number available depending on how the hashing was implemented. Hashes created from long complex passwords are effectively impossible to crack if implemented properly. 1 hour ago, jlripple said: how can the hacker gain access to: · Email · Hashed password · Hashed recovery key · Encrypted XRP ledger wallets secret keys (non-deleted wallets only) by means of access tokens even if users are not logged in. That's the million dollar question... Seems to be through an API exploit, but we don't know what exactly that was. Would assume it was some sort of bug in the API code anyway, to hand out access tokens to improperly authenticated users, or to grant inappropriate permissions to users who were authenticated under a different account. Link to comment Share on other sites More sharing options...
jlripple Posted July 16, 2019 Share Posted July 16, 2019 20 hours ago, at3n said: There is no code to decrypt a hash, by design it's not reversible, even if you know the algorithm used to create the hash. To crack it you need some sort of brute force method, of which there are a number available depending on how the hashing was implemented. Hashes created from long complex passwords are effectively impossible to crack if implemented properly. That's the million dollar question... Seems to be through an API exploit, but we don't know what exactly that was. Would assume it was some sort of bug in the API code anyway, to hand out access tokens to improperly authenticated users, or to grant inappropriate permissions to users who were authenticated under a different account. yes but how does 500+ accounts get decrypted in such a short period of time? including accounts with small balance which if i were the hacker i will not be bothered due to the time and effort needed. Geekluca and Selective 2 Link to comment Share on other sites More sharing options...
Selective Posted July 16, 2019 Share Posted July 16, 2019 3 hours ago, jlripple said: yes but how does 500+ accounts get decrypted in such a short period of time? including accounts with small balance which if i were the hacker i will not be bothered due to the time and effort needed. All the ripple hacks this month raises a lot of questions, I'm wondering If ripple mainnet has a flow. Link to comment Share on other sites More sharing options...
jlripple Posted July 16, 2019 Share Posted July 16, 2019 It's coming to two months yet to get the official final announcement. This is gatehub true colors guys. Link to comment Share on other sites More sharing options...
tulo Posted July 16, 2019 Share Posted July 16, 2019 4 hours ago, Selective said: All the ripple hacks this month raises a lot of questions, I'm wondering If ripple mainnet has a flow. This has nothing to do with mainnet, otherwise we'd seen hacked accounts that were not stored by gatehub. @all the people hacked: did you have a relatively easy password (less than 6 characters) on gatehub? Link to comment Share on other sites More sharing options...
faz Posted July 16, 2019 Share Posted July 16, 2019 9 minutes ago, tulo said: This has nothing to do with mainnet, otherwise we'd seen hacked accounts that were not stored by gatehub. @all the people hacked: did you have a relatively easy password (less than 6 characters) on gatehub? most people had strong passwords and two factor authentication switched on . i still think this was some kind of inside job and thats why i think gatehub has taken forever to make a definitive statement on this mess . Geekluca 1 Link to comment Share on other sites More sharing options...
Guest Posted July 16, 2019 Share Posted July 16, 2019 20 minutes ago, faz said: thats why i think gatehub has taken forever to make a definitive statement on this mess . That silksjaer guy said accounts are still being compromised or at least that XRP is still being moved off gatehub by the hackers which indicates gatehub have absolutely no idea how the hackers have managed to do this. That's why there's no statement imo. Link to comment Share on other sites More sharing options...
jlripple Posted July 16, 2019 Share Posted July 16, 2019 (edited) 1 hour ago, faz said: most people had strong passwords and two factor authentication switched on . i still think this was some kind of inside job and thats why i think gatehub has taken forever to make a definitive statement on this mess . Yeah man my password consists of 12 characters alpha and numerical also caps small letters. Will take centuries to decrypt. That's only my account. Hackers can break 500 plus accounts in days? How much computing power they have. Edited July 16, 2019 by jlripple Ghobicat 1 Link to comment Share on other sites More sharing options...
Jillian Posted July 16, 2019 Share Posted July 16, 2019 (edited) 4 hours ago, tulo said: This has nothing to do with mainnet, otherwise we'd seen hacked accounts that were not stored by gatehub. @all the people hacked: did you have a relatively easy password (less than 6 characters) on gatehub? I had just changed my password 3 days prior to my account being hacked. I used 18 characters including upper case, lower case letters, numbers and punctuation marks. 2fa on Gatehub account New Email Account was Added 2fa on an email that was exclusive to Gatehub account only never used for anything other than Gatehub. Account was created in 2016 Edited July 16, 2019 by Jillian ShimsXRP 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now