Jump to content

a few user reported their gatehub wallet been hacked and XRP sent to r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k

yxxyun

By yxxyun,
in General Discussion

 Share Followers 22

Recommended Posts

Guest

Guest

Posted
Posted
24 minutes ago, hallwaymonitor said:

Indeed suspicious activity: At first the account receives lots of XRPs from multiple consumer-like accounts and after that it sends large amounts of XRPs to multiple exchanges and especially crypto swap services such as ChangeNOW, ALFAcashier, etc.

still crypto's no1 use case! hacking and money washing

:(

Link to post
Share on other sites
  • Replies 1.2k
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Silkjaer

On June 1 we were made aware of a theft of 201,000 XRP (transaction F6E9E1385E11649A6C2F88723A821AF209B54030886539DCEF9DDD00E6446948) and immediately started investigation. It turned out that the acco

GateHub

Hey all! We are aware of the matter and are looking into it. If anyone has any information please contact us at: security@gatehub.net   GateHub

Silkjaer

Reminder: There is no direct evidence pointing to Gatehub being responsible even though it may appear as the most likely scenario right now. Just be careful about jumping to conclusions What you c

BAX

BAX 514

Posted
Posted
8 hours ago, gatehub said:

Hey all! We are aware of the matter and are looking into it. If anyone has any information please contact us at: security@gatehub.net  

GateHub

Could you please give us more details when you have more info.

Thanks.

Link to post
Share on other sites
cjeremys2

cjeremys2 57

Posted
Posted
13 hours ago, gatehub said:

Hey all! We are aware of the matter and are looking into it. If anyone has any information please contact us at: security@gatehub.net  

GateHub

I sent you guys a ticket and email I hope you can respond as soon as possible as this is not funny at all as no one knows my secret key from 2 years ago not unless it's an inside job yet mine just got compromised on the 30th of May.

Link to post
Share on other sites
Caracappa

Caracappa 3,080

Posted
Posted
On 6/2/2019 at 11:57 AM, gatehub said:

Hey all! We are aware of the matter and are looking into it. If anyone has any information please contact us at: security@gatehub.net  

GateHub

Is there any update on this? I've got some XRP on GH that I might take out if it stays unclear whether it's a hoax, phishing, hack or inside job.

 

14 hours ago, cjeremys2 said:

I sent you guys a ticket and email I hope you can respond as soon as possible as this is not funny at all as no one knows my secret key from 2 years ago not unless it's an inside job yet mine just got compromised on the 30th of May.

Did you have 2FA on?

Link to post
Share on other sites
joe91

joe91 91

Posted
Posted

Security Specialists at Gatehub, Ladies and Gentlemen, why You still can't implement security system something of the sorts that Kraken is using!?! Kraken have 2FA, but then if a person wants to buy/sell/send, there is an extra layer of protection with additional (different) password/secret word in order to execute that transaction!

So, in this case, even if someone manages to hack into Gatehub, bypassing 2 layers of protection, they will still be confronted with a third layer of protection of a unique password/secret word!!! (I guess it makes much sense to implement such a thing!)

Link to post
Share on other sites
Personology

Personology 35

Posted
Posted
18 hours ago, cjeremys2 said:

I sent you guys a ticket and email I hope you can respond as soon as possible as this is not funny at all as no one knows my secret key from 2 years ago not unless it's an inside job yet mine just got compromised on the 30th of May.

Cjeremy, I'm on the same boat as you.  My sister and I got all my funds stolen on the same date to the same address.  I have my 2FA on and only Gatehub have my secret key.  I bookmarked Gatehub site so I know I didn't get phished.  I honestly don't what to do.  Anyone one has any advice?

Link to post
Share on other sites
Guest

Guest

Posted
Posted (edited)
5 hours ago, Caracappa said:

I've got some XRP on GH that I might take out if it stays unclear whether it's a hoax, phishing, hack or inside job.

XRP can be moved to and from a wallet in 3 seconds. There is no reason to leave XRP on an exchange unless you are trading it. 

If you're worried about missing a moon shot, you'll likely be able to move it to an exchange fast enough. 

Don't hold crypto on exchanges. Any exchange, it's bad bad bad. 

Heed the following individual's situation. 

55 minutes ago, cjeremys2 said:

Quick update from my end.

Gatehub just sent an urgent security email notification stating that they believe people's ripple wallet security may have been compromised.

Not sure where to start on this one..

 

Edited by Guest
Link to post
Share on other sites
Guest

Guest

Posted
Posted (edited)
1 hour ago, joe91 said:

Security Specialists at Gatehub, Ladies and Gentlemen, why You still can't implement security system something of the sorts that Kraken is using!?! Kraken have 2FA, but then if a person wants to buy/sell/send, there is an extra layer of protection with additional (different) password/secret word in order to execute that transaction!

So, in this case, even if someone manages to hack into Gatehub, bypassing 2 layers of protection, they will still be confronted with a third layer of protection of a unique password/secret word!!! (I guess it makes much sense to implement such a thing!)

It gives the user a false sense of security. People, stop leaving your assets on exchanges! 

However inconvenienced you may feel by moving your coins to a wallet, it's not nearly as inconvenient as having to deal with being the victim of a hack. 

Edited by Guest
Link to post
Share on other sites
kanaas

kanaas 4,071

Posted
Posted

One victim here as well. 799K stolen from my wallet raXpsscPp99gDrsm6qzTy9c6wQitr6q1h. No need to feel sorry as last year I could sell 1.6M XRP for about $1 average, so I'm still fine with even a very good amount of XRP left, now in a safer place as well (thanks @gatehub for warning)

I doubt it was hacked by 2FA bypassing as for several months didn't have any login to Gatehub myself and there is no sign of a suspicious attempt to my Gatehub wallet login and I use Google Auth (not SMS). And even if it was that way they DID left more than half of my funds untouched, so I think it didn't went that way. 

Truly hope it wasn't brute forcing secrets.... THAT would be scary....

Link to post
Share on other sites
Inequivalent

Inequivalent 115

Posted
Posted
10 minutes ago, kanaas said:

One victim here as well. 799K stolen from my wallet raXpsscPp99gDrsm6qzTy9c6wQitr6q1h. No need to feel sorry as last year I could sell 1.6M XRP for about $1 average, so I'm still fine with even a very good amount of XRP left, now in a safer place as well (thanks @gatehub for warning)

I doubt it was hacked by 2FA bypassing as for several months didn't have any login to Gatehub myself and there is no sign of a suspicious attempt to my Gatehub wallet login and I use Google Auth (not SMS). And even if it was that way they DID left more than half of my funds untouched, so I think it didn't went that way. 

Truly hope it wasn't brute forcing secrets.... THAT would be scary....

Going to the hackers wallet.. they used you for the first transaction to activate their wallet...

Link to post
Share on other sites
Xrylite

Xrylite 113

Posted
Posted
1 hour ago, Personology said:

I have my 2FA on and only Gatehub have my secret key.

34 minutes ago, kanaas said:

I doubt it was hacked by 2FA bypassing

Wow. That's wild to me that they got around the two-factor authentication as that's usually considered a "good enough" level of security for accounts. The only way I'd see someone getting around that is if they had the ability to disable your 2FA without requiring your 2FA to be used to do it. That most certainly would need an administrator-type level of access. Possibly enough to be able to access or manipulate their database.

I haven't been on GateHub since I used them to activate my first wallet. I don't recall if the secret keys are saved on their side and can be shown whenever you want in your account. However, if you can, then you know they must be stored as plain-text in some fashion. Assuming that's the case, then if someone got a hold of the plain-text secret keys (and the wallets), then they obviously have access to move things without worrying about 2FA to approve their action. This is more likely the case since it would be more straight-forward than disabling 2FA and finding a way to log in as each user to scrape their secret key.

Link to post
Share on other sites
Personology

Personology 35

Posted
Posted

Sorry to hear that kanaas.  Is there anyway we can get reimbursed if Gatehub is found to be at fault?  I lost almost 100k and am just devastated.  I believe in the tech and held it for over 6 years just to have it stolen by a exchange that was recommended by Ripple.  I could've sold some during the time it peaked now I'm mad at myself for not doing it.  That's all I have... my wife is going to kill me.  

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Followers 22
Go to topic listing

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept