Jump to content
yxxyun

a few user reported their gatehub wallet been hacked and XRP sent to r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k

Recommended Posts

7 minutes ago, superboon said:

this is why it will be hard to find the real people behind the scenes. I dont want to imagine innocent Gatehub customers being accused of money laundering or theft whilst the real criminals can feel safe opening accounts with stolen  IDs.

You're describing a worst case scenario, but there is no reason to believe, or any indicators pointing to KYC material being stolen. The stolen funds has been processed through less than 20 exchanges, some of which don't have KYC requirements and are exchanging services. On other exchanges they have re-used old exchange accounts, that are connected to other criminal activity. The stressful boost in liquidating funds yesterday and today leaves much room for errors and slip-ups. I am convinced that law enforcement will have an easy job of finding at least some of the perpetrators behind the heist.

Share this post


Link to post
Share on other sites
Posted (edited)
15 minutes ago, mrenne said:

I would not go that far, this is quite a heavy assumption you are making here.

What sense does it make to verify accounts with stolen ID's? It is much easier to fake passports. And some services don't even require KYC information if you don't want to withdraw fiat to a bank account.

is it far fetched? maybe? is it possible? Definitly. These files were not more secured than encrypted secret keys.  You assume the thiefs are plain stupid and use their real names? There is no need to fake something if you can use originals without risk to reveal ur id.

If you have adminrights on gatehub to access encrypted secret keys surely you arealso able  to copy KYC documents which are probably not even encrypted.

Also if you do investigations how can you not consider a worst case scenario?

 

Edited by superboon
edit

Share this post


Link to post
Share on other sites
1 minute ago, superboon said:

You assume the thiefs are plain stupid and use their real names? 

No, if you read what I wrote I said they used fake passports and services without KYC verification.

Share this post


Link to post
Share on other sites
9 minutes ago, superboon said:

Also if you do investigations how can you not consider a worst case scenario?

 

Nothing wrong with considering worst case scenarios. But likely Gatehub doesn't even store KYC material themselves. And I'd rather focus on more likely scenarios first, since the evidence on the XRPL doesn't point in that direction :)

Share this post


Link to post
Share on other sites
21 minutes ago, mrenne said:

I would not go that far, this is quite a heavy assumption you are making here.

What sense does it make to verify accounts with stolen ID's? It is much easier to fake passports. And some services don't even require KYC information if you don't want to withdraw fiat to a bank account. 

it makes sense since you dont need do any effort to fake ids if you have originals. Secondly you dont run risk to get detected since the used ID is legit.

more over in case your account gets blacklisted you have a scapegoat and no risk for yourself.

 

 

Share this post


Link to post
Share on other sites
4 minutes ago, Silkjaer said:

Nothing wrong with considering worst case scenarios. But likely Gatehub doesn't even store KYC material themselves. And I'd rather focus on more likely scenarios first, since the evidence on the XRPL doesn't point in that direction :)

Every FI with KYC has! to store your documents , being  able to hand it to authorities in case of any legal actions.

Share this post


Link to post
Share on other sites
Just now, superboon said:

Every FI with KYC has! to store your documents , being  able to hand it to authorities in case of any legal actions.

Also if they use a KYC service provider that does all the processing?

Share this post


Link to post
Share on other sites
5 minutes ago, superboon said:

it makes sense since you dont need do any effort to fake ids if you have originals. Secondly you dont run risk to get detected since the used ID is legit.

more over in case your account gets blacklisted you have a scapegoat and no risk for yourself.

Every self respecting criminal has a couple of fake passports on stock. Those are very easy to get hold of.

But anyway, you can believe what you want. The largest amounts have been laundered through Changelly and ChangeNOW which do not require KYC information, that's of course not a coincidence.

Share this post


Link to post
Share on other sites
1 minute ago, mrenne said:

Every self respecting criminal has a couple of fake passports on stock. Those are very easy to get hold of.

But anyway, you can believe what you want. The largest amounts have been laundered through Changelly and ChangeNOW which do not require KYC information, that's of course not a coincidence. 

ok i get that point. the question is still valid. Has personal info on GH also got compromised.

9 minutes ago, Silkjaer said:

Also if they use a KYC service provider that does all the processing? 

why are you asking? I dont know,  im assuming they hold it but could you clarify ? If not  ofc my concerns are not valid.

Otherwise you HAVE to take this scenario serious and into consideration.

best regards

 

 

Share this post


Link to post
Share on other sites
Posted (edited)
6 minutes ago, superboon said:

ok i get that point. the question is still valid. Has personal info on GH also got compromised.

Of course the question is valid. I was only reacting because you did not ask the question, you wrote "we must assume" and there are NO reasons to assume it has been the case.

6 minutes ago, superboon said:

why are you asking? I dont know,  im assuming they hold it but could you clarify ?

GateHub, just like many other exchanges and financial institutions, has outsourced their KYC/AML. They are using the German company http://4stop.com

This is a highly specialized company with a good reputation. Although GateHub remains legally responsible, they don't do this kind of stuff themselves any more so most likely their KYC data is not even stored on their own servers.

Edited by mrenne

Share this post


Link to post
Share on other sites
2 hours ago, gatehub said:

Dear community,

 

We are in contact with all exchanges involved and are working together with law enforcement to freeze the transactions.

Due to an ongoing investigation and  security reasons we can not share any more information. 

 

We would like to thank all exchanges for their cooperation. 

 

GateHub Team

This is madness two weeks down the strech and your still investigating without statement for the victims.

Absolute Joke!

Share this post


Link to post
Share on other sites

@gatehub Can we know if deleted wallets are at risk too? You never told us what was happening to deleted wallets. The only asnwer I remember is that after 1 month they were going to be deleted from any database.

Is that true?

Do we need to secure also those wallets?

Share this post


Link to post
Share on other sites
13 minutes ago, Jillian said:

Has anyone noticed any discrepancy on their Gatehub Access log.  On my Access log in,  it always shows "sign in" except for the day the wallet was hacked.  Same IP address as I have always used appears also.

Its because they didn’t logged in to your account on Gatehub UI. They use the back door so it doesn’t trigger any notifcations.

Share this post


Link to post
Share on other sites
Posted (edited)
48 minutes ago, tulo said:

@gatehub Can we know if deleted wallets are at risk too? You never told us what was happening to deleted wallets. The only asnwer I remember is that after 1 month they were going to be deleted from any database.

Is that true?

Do we need to secure also those wallets?

 

Don't know, but would guess that is prudent.

 (I remember the same verbiage, re: deletion, but I always made a note when I shared any ledger address skey with GateHub - or anyone - just in case.)

Edited by NightJanitor

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...