a few user reported their gatehub wallet been hacked and XRP sent to r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k

[Silkjaer 542]

1 minute ago, cjeremys2 said:

Does that mean if your day trading on Gatehub your more likely to get your account compromised? That is insane no wonder they hacked my account whilst I still have a sell order up.

No, not at all

[Milk 7]

19 minutes ago, cjeremys2 said:

First of all can we stop this weak password assumptions. I hate to state this but to accuse all 90+ victims of having weak password sounds pretty stupid. I as one of the people that got hacked takes 6,588 centuries for my password to get cracked. So if your stating my password is weak please spend 6,588 centuries to crack it please.

And no hackers are stupid enough to brute force every person's password when they can just use a backdoor straight to Gatehub's networks since clearly right now it shows Gatehub has a big security flaw that they don't want to address to the community since it makes them more liable for the losses.

Can you share any characteristics of your password? Was it long and random, was it a sentence, was it a word from a dictionary, etc?

Did you have the same secret key imported to another GateHub account that used a weaker password?

I don't want to make you feel careless or anything, I just want to get to the bottom of this theory...

[Sukrim 1,889]

23 minutes ago, cjeremys2 said:

So if your stating my password is weak please spend 6,588 centuries to crack it please.

Sure thing, please post the encrypted information publically and I'll take a shot at it.

Humans are really terrible at choosing random passwords and computers are really terrible at measuring password strength. The string "Passw0rd123456!!!" probably would measure as extremely secure on most "how strong is your password?" algorithms, but it would probably be broken within minutes by a bruteforcing algorithm.

[Xrylite 113]

8 minutes ago, Milk said:

Can you share any characteristics of your password? Was it long and random, was it a sentence, was it a word from a dictionary, etc?

Did you have the same secret key imported to another GateHub account that used a weaker password?

 

11 hours ago, cjeremys2 said:

I don’t think the password is the issue as mine takes 6588 centuries to be cracked based on a website. 

Goodluck cracking my password if that is the case. Mine consists of 12 characters with few letters & number and special characters.

Also I’ve been with Gatehub for 2 years using the same password solely for Gatehub not used on my other accounts hence if someone knew it why use a backdoor? when you can just login on the UI. Also where does 2FA sit on this since it was bypassed easily.

He did mention some information about his password a few pages back. I tried asking a day or two ago if anyone was using password management software (Lastpass, Dashlane, 1Pass, etc.) as those would also be pretty immune to brute force.

The moment cjeremys2 mentioned he was affected, but his password is what it should be to be considered safe, that means that this isn't solely a password issue. It certainly could involve it with some people, but I feel the nature for which they've been taking XRP would be pretty consistent. So, it's probably worth skipping password assumptions and focusing on other ways that they obtained secret keys.

[Sukrim 1,889]

6 minutes ago, Xrylite said:

He did mention some information about his password a few pages back.

Yeah, he said: "Mine consists of 12 characters with few letters & number and special characters."

If this really has very good entropy (meaning: not chosen by a human) it should be barely enough - if it was chosen by a human it is likely not enough. Still much weaker than the secret it is supposed to protect by the way.

[Hero_Member 120]

1 hour ago, Gaghetano said:

Just got my wallet cleaned 🥺

Really sorry to hear this! Did this happen today? And did you recieve the notification email from Gatehub in the last few days?

[cjeremys2 57]

32 minutes ago, Sukrim said:

Sure thing, please post the encrypted information publically and I'll take a shot at it.

Humans are really terrible at choosing random passwords and computers are really terrible at measuring password strength. The string "Passw0rd123456!!!" probably would measure as extremely secure on most "how strong is your password?" algorithms, but it would probably be broken within minutes by a bruteforcing algorithm.

I've sent you a message for you leisure and that file is encrypted with my password on Gatehub.

Let me know how you get along with it.

[Raiden 240]

I would like to thank the users that stressed other people te keep their funds out of exchanges, i transfered mine a couple of months ago. 

[Xrylite 113]

1 hour ago, Sukrim said:

If this really has very good entropy (meaning: not chosen by a human) it should be barely enough - if it was chosen by a human it is likely not enough. Still much weaker than the secret it is supposed to protect by the way.

I agree that some passwords can be trash and still use numbers, letters, and special characters. For example, "password11!!" has shown up 54 times in the few breaches mentioned by HaveIBeenPwned. However, if their password is exclusively used for that one account and it doesn't show up as a password in any of the known password lists, I think it should be considered reasonably safe.

If you're the only one to use "password22@@", then you aren't going to be in a predefined list of passwords to brute force and check first, so it's going to take at least a bit longer unless the pattern in the brute forcing is designed in a way to try all variations from the known list that seem reasonably close. There are definitely a lot of "ifs", which is why I'd hope we can affirm if anyone used a diceware or password management software.

[Sukrim 1,889]

2 minutes ago, Raiden said:

I would like to thank the users that stressed other people te keep their funds out of exchanges, i transfered mine a couple of months ago. 

Gatehub is not an exchange, it is a wallet provider and a gateway.

The exchange part is XRPL itself and you are accessing it through your wallet.

It is a good idea not to use closed source wallets though, since their back end implementation can't be publically audited.

[Pablo 6,701]

I’m staggered the thefts are ongoing. Can’t they shut down withdrawals until this is resolved? Holy smokes.

Also, the 2016 thread reposted by @lucky earlier in this thread is absolutely gut wrenching to read now.

Any official message from Ripple? 

 

[Xrylite 113]

4 minutes ago, Pablo said:

I’m staggered the thefts are ongoing. Can’t they shut down withdrawals until this is resolved? Holy smokes.

They can't shut down withdrawls because they're not a holder of the wallet. It sounds like these thefts are because someone has access to not only the wallet, but the secret keys themselves. They could go into lockdown with APIs and logins if they felt it was still being abused right now, but it sounds like the consensus so far is that whoever has access to those items already has them locally.

So, truly the only safeguard when someone has your wallet and potentially your secret key is to re-key the wallet (I don't know the technical background of the steps or risks involved there) or to just transfer the money to a different wallet and consider that one useless (until you can re-key?).

The withdrawl disabling happens mainly with exchanges because they are the only ones with access to the secret key and you're just basically in control of some funds in their wallet via your account.

[2ndtimearound 6,969]

11 hours ago, orxan5000 said:

My xrps gone to rHvWywQiexNeCLWTa9dBjHTMAtt6tPN7Z1. Pleae add this address to research or legislation report too

Following where that wallet has taken FROM, I find this wallet :-

https://bithomp.com/explorer/rEdUuLjBTKR5BnW4SJE3HDwEKntd11uR9M

Looks like the aforementioned wallet (rEdUuLjBTKR5BnW4SJE3HDwEKntd11uR9M) was emptied on 4th June - a little over 24 hours ago as I write.

It's a very confusing situation - IF what I have linked to is the scene of a crime, it seems like certain wallets (all XRP wallets?) still aren't secure on GateHub. 

 

Edited June 6, 2019 by 2ndtimearound

[JohnnyC 10]

SHUT GATEHUB DOWN NOW!!!!!!

I have been around a while and was an early investor in XRP. I left some of my stack on Gatehub and its all gone. They stole the last bit 40 minutes ago.

I am disgusted by the emails insinuating I was at fault for the GateHub breach and that I should contact local law enforcement as if that is going to help.

I went to Gatehub because it was recommended by some Ripple employees.

If Brad Garlinghouse and David Schwartz want mass adoption they should fire the Gatehub CEO immediately, shutdown Gatehub, get to the bottom of all this and fix it.

Hopefully, Ripple will replace my XRP or Gatehub.  I am sick to my stomach!!!!

 

Going to be hard to sleep tonight!!!

[richxrp 422]

49 minutes ago, Xrylite said:

So, truly the only safeguard when someone has your wallet and potentially your secret key is to re-key the wallet (I don't know the technical background of the steps or risks involved there) or to just transfer the money to a different wallet and consider that one useless (until you can re-key?).

It appears that someone/some group has got ahold of the secret keys or knows a way of generating them. So Don't rekey.  Just follow these 3 steps.  It's safer than rekeying and the only disadvantage is that you'll need to leave behind the 20 XRP reserve in your old wallet.

1. Download Toast Wallet on your computer/mobile device

2. Create a new XRP Wallet Address in Toast.. Make sure you remember your password in Toast and take a backup of your wallet.

3. Then transfer all your funds over to the new Toast Wallet.

Done.