Jump to content
yxxyun

a few user reported their gatehub wallet been hacked and XRP sent to r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k

Recommended Posts

2 hours ago, LordVetinari said:

https://haveibeenpwned.com/

This is a site that reports if emails have appeared in data dumps. You can search for your email address and it will show if your email has ever appeared in a data dump. 

 

I know we have to trust is someone but sites like this can, in fact, add your, yet not in a data dump, e-mail to a very profitable database.

Share this post


Link to post
Share on other sites
35 minutes ago, JohnnyC said:

I am an old timer not sure if I am comfortable sending my wallet address but here are the destination tags where all my XRP went to in order.

Sent to rnprvYRjWGvpDLF1iSwqwepJscuMVQ1oEM- 680.0000 XRP 13 hours ago

 Failed transaction 13 hours ago

 Sent to rHvWywQiexNeCLWTa9dBjHTMAtt6tPN7Z1- XX,000.0000 XRP 2 days ago

 Sent to rMcqiWXMJEAEMXaFFgnjeuASwAMmef8B8c- XX,000.0000 XRP 2 days ago

 

Thank you. It's on our radar then :)

Share this post


Link to post
Share on other sites
44 minutes ago, cjeremys2 said:

Gatehub released a statement on their website but my god this is exactly the same sentences that was dropped here on XRPChat..

https://gatehub.net/blog/gatehub-preliminary-statement/

Copy and Paste by Enej!? Wth.

@gatehub You guys need to release a proper statement not something that was already said the day before lol.

I wanted to have some respect for at least making it public, but I am a bit sad that it is a clone of what was already provided to us here. Stating there's only "58" wallets affected was inaccurate almost immediately after it was posted to us here since we still had people stop in and mention that they were compromised as well. Sending an email to "all users that might be affected" isn't really enough if it isn't a guarantee that they are the only users that could be affected.

It's absolutely a tough time for everyone involved, but people need to know how dangerous this is. It sounds like it's been going for days and the issues are still rolling out. It sucks to suggest that people all move their funds off GateHub entirely in the mean time, but this is time sensitive and people's funds should be safeguarded in any way while it's an unknown how or what all is at risk. This is different than an exploit at an exchange because GateHub can't lock down all wallets until they figure things out; they also can't (or shouldn't be able too...) move all the funds to a safe wallet later either. This has to be done per-person and as soon as possible.

Share this post


Link to post
Share on other sites
7 minutes ago, gatehub said:

As stated in the blog post and on our social media, this is only a preliminary statement. Please know that we are working tirelessly to complete a thorough investigation and notify any customers whose accounts may have been affected. As soon as the investigation has been completed an official statement will be posted.

We appreciate your patience in this matter.

You do realise that your playing with the livelihood of every victim of this security breach?

I myself was looking to use my funds for tuition fee of my brother. 

The fact that your company hasn’t made any pledge to compensate the victims is what infuriates me and other victims.

Share this post


Link to post
Share on other sites
13 minutes ago, Xrylite said:

I wanted to have some respect for at least making it public, but I am a bit sad that it is a clone of what was already provided to us here. Stating there's only "58" wallets affected was inaccurate almost immediately after it was posted to us here since we still had people stop in and mention that they were compromised as well. Sending an email to "all users that might be affected" isn't really enough if it isn't a guarantee that they are the only users that could be affected.

Thank you for your comment. We have already corrected the number of compromised wallets.  

Share this post


Link to post
Share on other sites
19 minutes ago, FMGC said:

I know we have to trust is someone but sites like this can, in fact, add your, yet not in a data dump, e-mail to a very profitable database.

This incident it doesn't matter because the funds were drained out without the hacker gaining access to users gatehub ui means totally no log in whatsoever. 

Share this post


Link to post
Share on other sites
18 minutes ago, gatehub said:

and notify any customers whose accounts may have been affected.

Why not send out a warning email to all clients in advance? People are still getting hacked and some of them haven't received even a warning email. People don't follow crypto on a daily basis, let alone reading XRP chat or any other sub reddit. There are still people with funds on Gatehub having no idea that Gatehub has been compromised. It's a ticking bomb.

If you don't want to send emails to all customers then at least send an email and give a phone call (you should probably have phone #s as part of KYC) to potential victims - not everyone gets an instant notification when receiving an email.  

Share this post


Link to post
Share on other sites
1 hour ago, mrenne said:

Those transactions tried to move the last 40 XRP out of the wallet, which is not possible. It seems like first the hackers found out (moved out eveything but 20 XRP in the last tx of the list, saw the transaction fail, then moved out a smaller amount, then the leftovers)

Then you tried yesterday (the first tx number, this tx went through GateHub)?

Yes! It was me trying to send all my XRP to the Toast Wallet.

 

No answer from HitBTC yet

Share this post


Link to post
Share on other sites
1 hour ago, Hero_Member said:

Oh boy... Here we go!

make sure your PC and internet connection are safe...

1. you need the secret from your old account. If you do not have that yet, log into gatehub and click on your wallet. Find "advanced" and click on it. Click on the button show secret key. Now you have it. Copy the secret key.

2. start a browser in private mode and go to bithomp.com. Create a new ripple walet first -> click on XRP Tools, then Generate XRP Wallet Now click on Generate and you have a new keypair. Keep them very safe, as this will be your new secret later.

3. go back to bithomp.com and choose Bithomp tools now. read the legal stuff and proceed. Click on online and connect. Paper wallet is selected, that is the one we need. Enter your old secret key in the input field. Now you can choose some options. Choose  settings at "choose transaction type" And then go to "choose a setting to modify" There you select "regular key" and you enter the new address (r..) from step 2. Click on "set" and it should be good. This actually is a transaction on the ledger, so you could see it on Gathub/Bithomp etc..

4. Last step, disable master key. Choose again in  "choose a setting to modify" list and select "disable master key" Click on Set again and your account should be safe. All transactions can only be signed with the secret from step 2.

Please be careful, any mistake and your account cannot be accessed anymore...

Legal disclaimer: I am only trying to help, do this at your own risk!

@Warbler Do you agree with these steps??

 

It's might be easier and quicker just to create a paper wallet and move funds into it. Though 20 xrp will be locked as a base reserve on the new paper wallet.

paper wallet is open sourced, you can download it from github: https://github.com/Bithomp/xrp-paper-wallet

Otherwise you're right, though it can be a bit more complicated/secure :)

It's more secure to download software like wallet generator, paper wallet or bithomp tools and then transfer them to an offline computer/phone/tablet/rasberyPi which will be never be online, and then do all the operation with the secrets there, offline. Bithomp tools supports offline mode.

For a smaller amounts, if the computer is secure, you can use a private mode in browser.

xrp-wallet-generator also open sourced and available on github to download:

https://github.com/Bithomp/generate-xrp-wallet

same for bithomp tools: 

https://github.com/Bithomp/bithomp-tools

 

 

Share this post


Link to post
Share on other sites
51 minutes ago, mrenne said:

I have noticed transfers of the hackers into Changenow are using 50+ different destinatinon tags. Does anyone have experience with Changenow? They are aware of the hack and wait for a police order to act.

Small update regarding Changenow: a friend of mine contacted them, and they told him they have been contacted by GateHub now, and keep communicating with them about the matter. They are now analyzing the destination tags involved in the hack.

Share this post


Link to post
Share on other sites
22 minutes ago, iLeeT said:

Why not send out a warning email to all clients in advance? People are still getting hacked and some of them haven't received even a warning email. People don't follow crypto on a daily basis, let alone reading XRP chat or any other sub reddit. There are still people with funds on Gatehub having no idea that Gatehub has been compromised. It's a ticking bomb.

 If you don't want to send emails to all customers then at least send an email and give a phone call (you should probably have phone #s as part of KYC) to potential victims - not everyone gets an instant notification when receiving an email.  

Please provide us with the wallet address of user/users who haven't received a warning email. Please send it to our private message if you do not feel comfortable posting it publicly. After the 3rd of June, multiple emails were sent to all users whose wallets might be compromised not just to the ones that had their funds stolen. 

Share this post


Link to post
Share on other sites
13 minutes ago, gatehub said:

Please provide us with the wallet address of user/users who haven't received a warning email. Please send it to our private message if you do not feel comfortable posting it publicly. After the 3rd of June, multiple emails were sent to all users whose wallets might be compromised not just to the ones that had their funds stolen. 

I'm just referring to people posting in this thread, e.g.:

 

Share this post


Link to post
Share on other sites
1 hour ago, raulnavarro said:

Hi @Hero_Member i did all the step but in Gatehub it still appears the old secret key... Is that ok? 

Yeah, just leave it like that. Do not enter the new key in Gatehub. Your transactions will still be visible, you just cannot trade anymore with the old key that is stored there

Share this post


Link to post
Share on other sites
10 minutes ago, iLeeT said:

I'm just referring to people posting in this thread, e.g.:

 

We are sorry to hear about this incident. After checking this particular case, the transaction was made 10 days ago and therefore was not executed by the exact perpetrator mentioned in the preliminary statement. We will look into this matter as well.  

Share this post


Link to post
Share on other sites

@gatehub As is likely VERY clear to you. We want to be notified immediately as new developments unfold in your investigation. Many of us had our entire investment accounts wiped clean due to your security negligence. 23 million XRP's stolen from GateHub and counting. Not to mention the many FBI and local law enforcement reports that are coming your way. We are waiting...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...