Jump to content

a few user reported their gatehub wallet been hacked and XRP sent to r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k


yxxyun
 Share

Recommended Posts

It should be noted that if the attacker has in some way obtained a load of encrypted secret keys/access to Gatehub's database, then changing your Gatehub password now will not protect you, if they have been brute-forcing them.

Until we know more details, anyone with substantial holdings in a Gatehub wallet should move them to another wallet (new secret key).

Link to comment
Share on other sites

On 6/2/2019 at 10:57 AM, gatehub said:

Hey all! We are aware of the matter and are looking into it. If anyone has any information please contact us at: security@gatehub.net  

GateHub

Is there any update? Just heard from my friend and he's received an email from GateHub support telling him the funds are lost. I feel gutted for him as I got him into XRP and endorsed GateHub as a secure place to store as they were backed by Ripple. Maybe not a platform I'll be recommending from now. I'm sure the social media is going to be lit up about this. Not going to end well for GateHub. 

Link to comment
Share on other sites

2 minutes ago, hillsey_london said:

Is there any update? Just heard from my friend and he's received an email from GateHub support telling him the funds are lost. I feel gutted for him as I got him into XRP and endorsed GateHub as a secure place to store as they were backed by Ripple. Maybe not a platform I'll be recommending from now. I'm sure the social media is going to be lit up about this. Not going to end well for GateHub. 

Could you get us a copy of that email?

Link to comment
Share on other sites

9 minutes ago, at3n said:

Could you get us a copy of that email?

Dear Mr XXXX,

We must inform you that due to irreversibility of the XRP Ledger transactions, we unfortunately can't refund your losses.

In case your funds have been compromised we suggest the following:

1) Make sure to transfer any remaining funds from Ripple wallets to HOSTED wallets.

2) Immediately inform local law enforcement agency and file a report.

Additionally, we kindly ask you for your cooperation to help us with the investigation.

a) Have you ever received any suspicious emails that were emulating an email from GateHub and asking for any kind of personal information related to your GateHub account? If so, please forward it to security@gatehub.net

In future, note that we only use the xxxx@gatehub.NET domain, be wary of others. We never ask for any kind of personal information (e.g. login passwords, etc.) via email. Please keep that in mind for future reference.

On the same note, please make sure to always keep your personal information safe and secure.

b) Have you ever used or are still using any other gateways besides GateHub and Ripple trade, or any other XRP Ledger network clients using the same XRP Ledger secrets?

c) Have you ever used the same login password on a website other than gatehub.net?

d) Did you have 2FA enabled for your account at the time of the unauthorised transaction?

If you have answered positively to the questions above we urge you to change your login password and enable two-step verification.
Kind regards,

Lado

Link to comment
Share on other sites

2 hours ago, kanaas said:

One victim here as well. 799K stolen from my wallet raXpsscPp99gDrsm6qzTy9c6wQitr6q1h. No need to feel sorry as last year I could sell 1.6M XRP for about $1 average, so I'm still fine with even a very good amount of XRP left, now in a safer place as well (thanks @gatehub for warning)

I doubt it was hacked by 2FA bypassing as for several months didn't have any login to Gatehub myself and there is no sign of a suspicious attempt to my Gatehub wallet login and I use Google Auth (not SMS). And even if it was that way they DID left more than half of my funds untouched, so I think it didn't went that way. 

Truly hope it wasn't brute forcing secrets.... THAT would be scary....

But this wallet is different than the one being discussed in this thread! Something don't seem right here - my gut feeling tells me something is suspicious!!! :unsure:

Link to comment
Share on other sites

Just received e-mail from GateHub as below.

Basically - they can't do anything.. This is awful.  I have enabled 2FA since I open up the account and they just reply that it is irreversible.

I don't know what to do now... Do I just forget about this?

 

_____________________________________________________________

 

 

We must inform you that due to irreversibility of the XRP Ledger transactions, we unfortunately can't refund your losses.

In case your funds have been compromised we suggest the following:

1) Make sure to transfer any remaining funds from Ripple wallets to HOSTED wallets.

2) Immediately inform local law enforcement agency and file a report.

Link to comment
Share on other sites

2 minutes ago, joe91 said:

But this wallet is different than the one being discussed in this thread! Something don't seem right here - my gut feeling tells me something is suspicious!!! :unsure:

Yep I've seen it as well. What do you think is suspicious here? All victims seem to have received the same email from GH. So it looks like GH has detected in some way this hacking activity and they have all this "warned" victims as a client. The attackers using more than one account gather the stolen funds doesn't change that.

Link to comment
Share on other sites

On 6/1/2019 at 7:37 PM, yxxyun said:

a few user reported their gatehub wallet been hacked...

This has been happening with Gatehub for years. How are they still in business?

I know someone who lost over 1M XRP with Gatehub roughly 2 years ago, same exact thing (he bookmarked their site, had 2FA, etc). They essentially said "sorry, nothing we can do..."

In 2017, a Gatehub Phishing site was up for weeks as the first search result on Google (and was labeled "trusted"). Another issue back then IFRC was an exploit regarding their Ripple gateway, which is how many think their wallets were compromised. Still seems like we're in the wild west of crypto - Gatehub really needs to do the right thing and reimburse everyone and address/fix the problem. I'm just as mad as all of you who have lost funds.

 

Link to comment
Share on other sites

2 hours ago, kanaas said:

One victim here as well. 799K stolen from my wallet raXpsscPp99gDrsm6qzTy9c6wQitr6q1h. No need to feel sorry as last year I could sell 1.6M XRP for about $1 average, so I'm still fine with even a very good amount of XRP left, now in a safer place as well (thanks @gatehub for warning)

I doubt it was hacked by 2FA bypassing as for several months didn't have any login to Gatehub myself and there is no sign of a suspicious attempt to my Gatehub wallet login and I use Google Auth (not SMS). And even if it was that way they DID left more than half of my funds untouched, so I think it didn't went that way. 

Truly hope it wasn't brute forcing secrets.... THAT would be scary....

I really thinks is @gatehub fault and they should return the XRP to you and the rest of the victims.

It seems that their vault got compromised or its inside job. Either way its their fault!!!

Link to comment
Share on other sites

Also, for everyone who has had funds compromised...

Gatehub states:

Quote

 

Advanced Security and Protection

GateHub is building in best security practices to help insure that hackers don’t get in, and all funds are securely stored. We also will offer insurance products that will further safeguard gateway operators and their customers.

 

(emphasis mine).

https://gatehub.net/gateway

 

Unsure if the "insurance products" also apply to people who use their service (exchange) only, but it's definitely something to look into. 

I wish everyone the best of luck, this is f*ing ridiculous...

 

Link to comment
Share on other sites

5 minutes ago, zerocool said:

This has been happening with Gatehub for years. How are they still in business?

I know someone who lost over 1M XRP with Gatehub roughly 2 years ago, same exact thing (he bookmarked their site, had 2FA, etc). They essentially said "sorry, nothing we can do..."

In 2017, a Gatehub Phishing site was up for weeks as the first search result on Google (and was labeled "trusted"). Another issue back then IFRC was an exploit regarding their Ripple gateway, which is how many think their wallets were compromised. Still seems like we're in the wild west of crypto - Gatehub really needs to do the right thing and reimburse everyone and address/fix the problem. I'm just as mad as all of you who have lost funds.

 

This was NOT by phishing. Not in my case at least, 100% sure!

Link to comment
Share on other sites

Just now, kanaas said:

This was NOT by phishing. Not in my case at least, 100% sure!

Totally, I only mentioned that another issue in the past was that a Phishing site was some how able to get listed as a trusted website with Google, and that result was there for WEEKS. 

The person I know who lost over 1M XRP believes it was a gateway exploit. 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.