jlripple 92 Posted July 23, 2019 Share Posted July 23, 2019 6 hours ago, at3n said: Very sorry to hear that, that's very scary when you think about it. The only advice I can give is to go through every online account that you own and recreate the credentials and 2-factor authentication, after checking to make sure that another email address or phone number hasn't been added that the attackers could use to get back in. It may be worth getting an entirely new email address or even phone number to separate yourself from the attackers. Please report this to your local authorities, and if you're happy to, perhaps share some details with the xrpforensics team (@Silkjaer) in case this ends up being the same attacker. Do you have any idea how the attackers got to know any of your details to begin with? Did one of your accounts have a weak password, or was involved in another hack? Gatehub system is not secure. with strong password + 2fa the hacker just gained the keys from access tokens which gatehub does not explain how. Just get away from them. ShimsXRP 1 Link to post Share on other sites
Geekluca 61 Posted July 25, 2019 Share Posted July 25, 2019 (edited) So, this post is cooling down. Exactly like @gatehub was hoping. I think we should seriously start to prepare a class action against them. I am still on holidays but I will be back next week and ready to start working on it . This story cannot end with two winners (hackers and gatehub) and all of us losing money. Edited July 25, 2019 by Geekluca Ghobicat, pucksterpete, Selective and 1 other 4 Link to post Share on other sites
James21 17 Posted July 25, 2019 Share Posted July 25, 2019 Yes you are right Geekluca we need to all get on a class action lawsuit against Gatehub, and ripple should also be pressed for telling us to migrate to them. Ripple should have never been associated with such a messed up company. Link to post Share on other sites
at3n 317 Posted July 25, 2019 Share Posted July 25, 2019 2 hours ago, Geekluca said: This story cannot end with two winners (hackers and gatehub) and all of us losing money. Oh come on... without meaning to downplay the suffering of the victims; how on earth do you think Gatehub is a winner in this?? By all means pursue legal action as you see fit, but stick to the facts please. Sensationalizing the situation does not help. Selective 1 Link to post Share on other sites
James21 17 Posted July 25, 2019 Share Posted July 25, 2019 Definitely a law suit needed. How many here have reached out to the Sharova law group or any other so we can all get in a class action law suit. Link to post Share on other sites
Selective 33 Posted July 25, 2019 Share Posted July 25, 2019 We need a law firm experienced or at least worked before In similar cases otherwise It will take forever, However @gatehub Should at least give us an answer If they'll compensate or not. without being shady as they're acting right now. Link to post Share on other sites
getitdone 147 Posted July 26, 2019 Share Posted July 26, 2019 i strongly suggest for everyone that had account on gatehub to call you phone company and forbid them from allowing anyone to port your number without physically walking into location with photo ID and requesting it. My phone was ported couple weeks ago and yesterday my friend got his phone number ported. We both had accounts on gatehub. I'm not sure if this is coincidence but understand the risk of loosing your phone number anytime if you don't call your carrier and ask them to block your line from porting over. It takes 8+ days to get your number back depending how quick your local police and turn over police report. at3n, Jillian and ShimsXRP 2 1 Link to post Share on other sites
Geekluca 61 Posted July 26, 2019 Share Posted July 26, 2019 16 hours ago, at3n said: Oh come on... without meaning to downplay the suffering of the victims; how on earth do you think Gatehub is a winner in this?? By all means pursue legal action as you see fit, but stick to the facts please. Sensationalizing the situation does not help. Where are the losses for Gatehub at this specific stage? Link to post Share on other sites
kanaas 3,903 Posted July 26, 2019 Share Posted July 26, 2019 Where are the losses for Gatehub at this specific stage?Clients & trust - two major assets for an xchange or gateway at3n 1 Link to post Share on other sites
raulnavarro 6 Posted July 26, 2019 Share Posted July 26, 2019 On july 15th I received an email from gatehub telling me that: Our Security Team found no evidence of unauthorized access to your individual account. How can they say this? They know that a transfer was made from my account on may 25th and on my access log shows that I did not logged into GateHub any day of May... It's ridicolous. Then the hacker sent the XRP ro hitBTC without destination tag, so my XRP are there in a wallet because no destination tag means no client wallet has my XRP (hitbtc company wallet does) and no one is returning them to me... It's crazy.... ShimsXRP 1 Link to post Share on other sites
Geekluca 61 Posted July 26, 2019 Share Posted July 26, 2019 2 hours ago, kanaas said: Clients & trust - two major assets for an xchange or gateway They are losing them due to the way the managed the hack: communication, refund, etc. so it’s very well deserved ShimsXRP 1 Link to post Share on other sites
ShimsXRP 2 Posted July 26, 2019 Share Posted July 26, 2019 1 minute ago, raulnavarro said: On july 15th I received an email from gatehub telling me that: Our Security Team found no evidence of unauthorized access to your individual account. How can they say this? They know that a transfer was made from my account on may 25th and on my access log shows that I did not logged into GateHub any day of May... It's ridicolous. Then the hacker sent the XRP ro hitBTC without destination tag, so my XRP are there in a wallet because no destination tag means no client wallet has my XRP (hitbtc company wallet does) and no one is returning them to me... It's crazy.... The same thing happened to me, although they knew my attack was literally just compromised by the attacker. I've been sick to my stomach for two weeks over this. We need to get the ball rolling on the class action at the least. Ghobicat 1 Link to post Share on other sites
kanaas 3,903 Posted July 26, 2019 Share Posted July 26, 2019 1 hour ago, Geekluca said: They are losing them due to the way the managed the hack: communication, refund, etc. so it’s very well deserved yep, but "well deserved losses" are still losses .... and not a "profit" at3n 1 Link to post Share on other sites
jag216 1,812 Posted July 28, 2019 Share Posted July 28, 2019 On 7/26/2019 at 1:14 AM, getitdone said: i strongly suggest for everyone that had account on gatehub to call you phone company and forbid them from allowing anyone to port your number without physically walking into location with photo ID and requesting it. My phone was ported couple weeks ago and yesterday my friend got his phone number ported. We both had accounts on gatehub. I'm not sure if this is coincidence but understand the risk of loosing your phone number anytime if you don't call your carrier and ask them to block your line from porting over. It takes 8+ days to get your number back depending how quick your local police and turn over police report. 'simjacking' is definitely a phenomenon on the rise. Happens a lot in clubs in coordination with a girl who is working as an accomplice and flirtatiously gets your phone number seeing you have an iphone, then later you discover your number has been added to another person's account and suddenly you are locked out of all your 2FA and email. https://www.wired.com/story/sim-swap-attack-defend-phone/ https://hackernoon.com/sim-jacking-attacks-are-on-the-rise-for-crypto-holders-829899dab2f8 Link to post Share on other sites
jargoman 849 Posted July 28, 2019 Share Posted July 28, 2019 3 hours ago, jag216 said: 'simjacking' is definitely a phenomenon on the rise. Happens a lot in clubs in coordination with a girl who is working as an accomplice and flirtatiously gets your phone number seeing you have an iphone, then later you discover your number has been added to another person's account and suddenly you are locked out of all your 2FA and email. https://www.wired.com/story/sim-swap-attack-defend-phone/ https://hackernoon.com/sim-jacking-attacks-are-on-the-rise-for-crypto-holders-829899dab2f8 The fact that the attackers used the API to get access to the database but did not access the phone numbers could be a clue. Maybe the attacker already had the phone numbers. I still am not satisfied with Gatehubs response. Was there a security flaw in gatehubs system? Was it patched? Is it safe to recommend new users use gatehub? I've sold my gatehub iou's because I can't guarantee Gatehubs solvency. I've had a gatehub account hacked in the past. I thought my ripple trade migration password was brute-forced from a bitcointalk database leak but I'm not sure. It's not like me to use the same password for multiple sites if there is money involved. The password that was bruteforced was alwayswinning! I know it's a weak password. It's possible that I was hacked the same way these 81+ users were. ShimsXRP 1 Link to post Share on other sites
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now