Jump to content
yxxyun

a few user reported their gatehub wallet been hacked and XRP sent to r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k

Recommended Posts

Just now, kanaas said:

This was NOT by phishing. Not in my case at least, 100% sure!

Totally, I only mentioned that another issue in the past was that a Phishing site was some how able to get listed as a trusted website with Google, and that result was there for WEEKS. 

The person I know who lost over 1M XRP believes it was a gateway exploit. 

Share this post


Link to post
Share on other sites
2 minutes ago, kanaas said:

This was NOT by phishing. Not in my case at least, 100% sure!

Have you tried contacting  huobi.com and the other exchanges the hacker sent the funds to cash out at? If you explain the situation the exchange can block the funds on the account. 

Share this post


Link to post
Share on other sites
3 minutes ago, kanaas said:

This was NOT by phishing. Not in my case at least, 100% sure!

My friend wasn’t phished either. We set the wallet up for him to place his XRP over two years ago. He then gets an email from GateHub suggesting his wallet may of been breached. When he logged on he could see he had lost 25,000XRP. This is GateHub internal issue. 

Share this post


Link to post
Share on other sites
6 minutes ago, BAX said:

And I really think that since Chris Larsen is big investor in @gatehub , should just move his finger and resolve all this and reimburse all the victims!!!!!

Please get this to Mr Larsen.

@nikb , @miguel, @JoelKatz

According to the filing data here, yes Chris still has some shares:

https://beta.companieshouse.gov.uk/company/09311138

That doesn't make him liable obviously, but someone who has lost a lot of XRP due to what they believe is Gatehub's negligence may be inclined to take it up with him.

And that's the UK company. There's a Slovenian one as well and I have no idea about that.

Share this post


Link to post
Share on other sites
1 minute ago, zerocool said:

Also, for everyone who has had funds compromised...

Gatehub states:

(emphasis mine).

https://gatehub.net/gateway

 

Unsure if the "insurance products" also apply to people who use their service (exchange) only, but it's definitely something to look into. 

I wish everyone the best of luck, this is f*ing ridiculous...

 

Before blaming Gatehub, I think we've to be sure that is was in some way THEIR fault and we also must distinct hosted wallets from Ripple wallets. The stealing clearly was from the latter in all these recent cases. Ripple wallets are ONLY protected by one or more (in case of multi-sign) secrets and can have access by whatever Ripple wallet. Hosted wallets ONLY can get opened by way of the Gatehub UI. For my part I always took security serious and I still cannot figure out where or what hole I could have left open. But my first conclusion now is more like it might be that hosted wallets on respectable exchanges (like Bitstamp for instance) might be more secure (with strong password and 2FA) than most Ripple wallets like  the one on GH.

I know the crypto specialists will tell you that cold storage is the way to go, but when it comes to complicated, many like me do not feel comfortable with those, being afraid in making stupid technical mistakes. I always saw the GH Ripple wallet as best of breed as the funds stayed on the ledger and not on the exchange. Have to admit that I saw it wrong.

Share this post


Link to post
Share on other sites
14 minutes ago, zerocool said:

Advanced Security and Protection

GateHub is building in best security practices to help insure that hackers don’t get in, and all funds are securely stored. We also will offer insurance products that will further safeguard gateway operators and their customers.

 

I think the key words here are 'will' (twice). In other words, they don't currently.

I've just has a quick look and there isn't exactly much trading going on at Gatehub. No idea if this is normal as I haven't used them in a long time. On the UK side their latest filed accounts are very old so no way of telling how viable they are as a business right now.

Share this post


Link to post
Share on other sites
17 minutes ago, kanaas said:

Before blaming Gatehub, I think we've to be sure that is was in some way THEIR fault and we also must distinct hosted wallets from Ripple wallets. The stealing clearly was from the latter in all these recent cases. Ripple wallets are ONLY protected by one or more (in case of multi-sign) secrets and can have access by whatever Ripple wallet. Hosted wallets ONLY can get opened by way of the Gatehub UI. For my part I always took security serious and I still cannot figure out where or what hole I could have left open. But my first conclusion now is more like it might be that hosted wallets on respectable exchanges (like Bitstamp for instance) might be more secure (with strong password and 2FA) than most Ripple wallets like  the one on GH.

I know the crypto specialists will tell you that cold storage is the way to go, but when it comes to complicated, many like me do not feel comfortable with those, being afraid in making stupid technical mistakes. I always saw the GH Ripple wallet as best of breed as the funds stayed on the ledger and not on the exchange. Have to admit that I saw it wrong.

I’m not trying to come off like I’m blaming them (and sorry if I did/am), I genuinely feel bad for everyone who lost funds at the expense of an exchange, where it’s users use it with the expectation of trust, and protection. Of course things do happen outside the control of an exchange, I’ve just had friends who have suffered terrible losses dating back to the days of Mt. Gox, and can only imagine the anger and frustration. Really hope more safeguards and security are put into place to better protect users (I do realize things take time.).

Share this post


Link to post
Share on other sites

Hello.  I'm a first time poster but certainly not new to XRP chat!  I've been here for years. 

I'm just devastated for those who have lost what appears to be very large amounts of XRP.  Something very strange is going on here, as whilst there seems to have been sporadic issues with Gatehub over the past few years, this seemingly mass attack appears to be very new and very different to whats happened before.

Its easy to blame malware, but it this is targeted at people who hold lots of XRP.  They know something or have access to a backdoor.  There is no other way.  If someone hasnt accessed their Gatehub account for years and only has a paper copy of their key, then a user-end hack / phishing is extremely unlikely.

On this basis I expect Gatehub will return the funds.  This is not user error unless several people are lying through their teeth.

Share this post


Link to post
Share on other sites
8 minutes ago, mothership said:

Hello.  I'm a first time poster but certainly not new to XRP chat!  I've been here for years. 

I'm just devastated for those who have lost what appears to be very large amounts of XRP.  Something very strange is going on here, as whilst there seems to have been sporadic issues with Gatehub over the past few years, this seemingly mass attack appears to be very new and very different to whats happened before.

Its easy to blame malware, but it this is targeted at people who hold lots of XRP.  They know something or have access to a backdoor.  There is no other way.  If someone hasnt accessed their Gatehub account for years and only has a paper copy of their key, then a user-end hack / phishing is extremely unlikely.

On this basis I expect Gatehub will return the funds.  This is not user error unless several people are lying through their teeth.

How would gatehub be able to return the funds? They'd go bankrupt, they are not insured.. 

Share this post


Link to post
Share on other sites
40 minutes ago, Inequivalent said:

How would gatehub be able to return the funds? They'd go bankrupt, they are not insured.. 

Well... I'm not putting any sort of guarantee on my statement, but we are not talking silly amounts of money here..  Surely someone will step in, whether is the operators themselves or people affiliated with them, otherwise they will go down for this.  People wont use them anymore.  Something has happened internally, whether its a hack of their security or an inside job.  They can't make the claims they do about 100% security and not attempt to back them up. 

The things that people are describing sounds super strange don't you think?  Almost impossible?

Share this post


Link to post
Share on other sites
53 minutes ago, Inequivalent said:

How would gatehub be able to return the funds? They'd go bankrupt, they are not insured.. 

Their trading volume was extremely low for the past year+, so they are not making a dime on that.

Agreed this looks very suspicious and 'inside job' like.
-Specific big accounts targeted and emptied.
-Some of them dorment accounts for years
-No 'new IP' warning via mail after login

GH is not going to refund it. I can't imagine they have the funds for it. Could be the end of GH or... dare I say it... an exit scam?

Share this post


Link to post
Share on other sites

I’m one of the ones that was hacked. I received an email from Gatehub today that said they suspected unauthorized activities. I had just over 31,000 XRP. I had not been into my account in over a year, so no recent activity to steal passwords. I saw that 30,000 XRP was sent to some other address. 

I had Google 2 Factor Authenticator enabled, so in order for me to see my account, I had to have the login information with password, also the 2F authentication that isn’t available to anyone without my phone, and a third level of security is that it did not recognize the computer I was on and would not let me into my account without me verifying that it was me from my personal email link. I also have never stored my secret key on anything. It is hand written on paper. 

 

Share this post


Link to post
Share on other sites
2 hours ago, kanaas said:

Yep I've seen it as well. What do you think is suspicious here? All victims seem to have received the same email from GH. So it looks like GH has detected in some way this hacking activity and they have all this "warned" victims as a client. The attackers using more than one account gather the stolen funds doesn't change that.

I guess we must wait for some official word from Gatehub, cause either indeed something sketchy going on, or it Is some massive coordinated effort to discredit their gateway and their trustworthy services over the years!  :popcorn1:

Share this post


Link to post
Share on other sites
3 hours ago, hillsey_london said:

Dear Mr XXXX,

We must inform you that due to irreversibility of the XRP Ledger transactions, we unfortunately can't refund your losses.

In case your funds have been compromised we suggest the following:

1) Make sure to transfer any remaining funds from Ripple wallets to HOSTED wallets.

2) Immediately inform local law enforcement agency and file a report.

Additionally, we kindly ask you for your cooperation to help us with the investigation.

a) Have you ever received any suspicious emails that were emulating an email from GateHub and asking for any kind of personal information related to your GateHub account? If so, please forward it to security@gatehub.net

In future, note that we only use the xxxx@gatehub.NET domain, be wary of others. We never ask for any kind of personal information (e.g. login passwords, etc.) via email. Please keep that in mind for future reference.

On the same note, please make sure to always keep your personal information safe and secure.

b) Have you ever used or are still using any other gateways besides GateHub and Ripple trade, or any other XRP Ledger network clients using the same XRP Ledger secrets?

c) Have you ever used the same login password on a website other than gatehub.net?

d) Did you have 2FA enabled for your account at the time of the unauthorised transaction?

If you have answered positively to the questions above we urge you to change your login password and enable two-step verification.
Kind regards,

Lado

That email from gatehub is a real cop out....

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...