a few user reported their gatehub wallet been hacked and XRP sent to r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k

[getitdone 147]

What i don't understand is what we know. We know for fact 500,000 xrp was recaptured by changenow. Why wouldn't gatehub request that 500,000 xrp and gave back 2% back to all victims per xrp stolen? This would show at least they care about people that lost their coins. I don't understand why wouldn't that be announced in recent update and action already taken @gatehub ?

[JLCali 12]

Gatehub's statement said" we kindly ask our customers to remain patient" but the title of the post said "Final Statement" which is weird.

Waiting for their actual response and reimbursement activity is probably best before legal action. BUT, I think we should all find out what the Statute of Limitations (SOL) are in our respected countries. A quick google search has this for me in my location in the USA:

"Most California misdemeanors have a statute of limitations of one year.

But, under California Penal Code 801 PC, felonies have a SOL of three years.

Some examples of common California theft crimes are:

petty theft,

grand theft, and

burglary.

One of the main reasons the law puts limits on when a criminal case gets filed is to preserve a sense of fairness for the defendant."

[at3n 286]

1 hour ago, getitdone said:

Why wouldn't gatehub request that 500,000 xrp and gave back 2% back to all victims per xrp stolen?

That would put them on very shaky ground. Gatehub doesn't own the XRP, it was stolen directly from individual wallet owners. I would be pretty angry if my XRP was stolen, recovered and then distributed to other people without me giving my consent. Even if some people would be happy for that to happen, I don't think Gatehub can make that decision on their behalf.

It may be impossible to work out exactly who owns what, but worst case, only people who's XRP was sent to ChangeNow should receive XRP back from that pot, IMO.

Maybe by combining xrpforensics data and the exchange logs, they can even work out exactly who's XRP was not exchanged?

Minefield

[ShimsXRP 2]

Hello - I was wiped of six figures of XRP on July 15th from GATEHUB.   Gatehub Support has not been helpful.   I was the victim of a SIM SWAP.  They somehow also added a device to my AUTHY account.  This is very scary stuff. If anyone has tips/advice please let me know.  

[Xrylite 113]

2 hours ago, at3n said:

That would put them on very shaky ground. Gatehub doesn't own the XRP, it was stolen directly from individual wallet owners. I would be pretty angry if my XRP was stolen, recovered and then distributed to other people without me giving my consent. Even if some people would be happy for that to happen, I don't think Gatehub can make that decision on their behalf.

It may be impossible to work out exactly who owns what, but worst case, only people who's XRP was sent to ChangeNow should receive XRP back from that pot, IMO.

Maybe by combining xrpforensics data and the exchange logs, they can even work out exactly who's XRP was not exchanged?

Minefield

Massive respect for making such a logically sound and convincing statement. I thrive on logic and feel like I must agree that this may need to be the outcome that happens. You can absolutely see how crypto that aims to be anonymous can be a whole different maze in the legal realm.

Yes, everyone would want some fairness and equality for everyone affected, but there's a dangerous line when it comes to the legality of decisions. Since we could track whose XRP moved where, we'd know exactly whose money was recovered. The only hurdle would be if all that money was sent to a single wallet, and then that single wallet sent a portion to another wallet, which was the one they actually recovered. In that case, we can't deduce whose money was chosen to be sent to that second wallet. In that case, I think they would need to fail back to the proportional split between everyone's money that landed in that first wallet.

If this was a bank heist with physical money, the outcome would be different since the physical money would be agnostic to who it was stolen from. Conversely, if someone stole a bunch of jewelry from a repair shop, they wouldn't recover just your grandma's wedding ring and split that proportionally to everyone.

[at3n 286]

1 hour ago, ShimsXRP said:

Hello - I was wiped of six figures of XRP on July 15th from GATEHUB.   Gatehub Support has not been helpful.   I was the victim of a SIM SWAP.  They somehow also added a device to my AUTHY account.  This is very scary stuff. If anyone has tips/advice please let me know.  

Very sorry to hear that, that's very scary when you think about it. The only advice I can give is to go through every online account that you own and recreate the credentials and 2-factor authentication, after checking to make sure that another email address or phone number hasn't been added that the attackers could use to get back in. It may be worth getting an entirely new email address or even phone number to separate yourself from the attackers.

Please report this to your local authorities, and if you're happy to, perhaps share some details with the xrpforensics team (@Silkjaer) in case this ends up being the same attacker.

Do you have any idea how the attackers got to know any of your details to begin with? Did one of your accounts have a weak password, or was involved in another hack?

[ShimsXRP 2]

4 hours ago, at3n said:

Very sorry to hear that, that's very scary when you think about it. The only advice I can give is to go through every online account that you own and recreate the credentials and 2-factor authentication, after checking to make sure that another email address or phone number hasn't been added that the attackers could use to get back in. It may be worth getting an entirely new email address or even phone number to separate yourself from the attackers.

Please report this to your local authorities, and if you're happy to, perhaps share some details with the xrpforensics team (@Silkjaer) in case this ends up being the same attacker.

Do you have any idea how the attackers got to know any of your details to begin with? Did one of your accounts have a weak password, or was involved in another hack?

Hello - Thank you. My password was complicated. In addition to 2FA SMS, I also had the AUTHY app which the attacker added their device too somehow.   @Silkjaer if you can assist that would be great.  I have no idea how the attacker connected my phone to my GMAIL account. The only thing I can think of is the information was retrieved from @gatehub .  Gatehub mentioned phone numbers were not taken during the attack, but there is no other way this attacker would be able to connect it. The AT&T account is not even in my name, I am just a line on a family plan.

 

Timeline:

Sunday July 7 6:50AM EST - I receive two texts from Google asking me to verify a log into my Gmail with a Google Pin.   I do not think anything of it, but go in and change my password, and check if anything is different. 

 

Tuesday July 9 5:15PM EST - My phone loses service, I can not call or text (not even over Wi-Fi).  Not sure what's going on I turn phone/data on/off still nothing. I contact other members on my family plan, and their phones are working fine.  I run to apple store (across the street from me). I see a tech there who dials in AT&T support. It takes about two hours, but AT&T support thinks the Apple tech messed up my SIM card. She reconnects me, and before signing off give me the number for the fraud department.  I don't notice any rogue sign ins or email access attempts during this time, I write it off as a glitch and go about my night.

Monday July 15 2:00PM EST - My phone loses service again.  At the same time I am at my desk, and notice GOOGLE emailing me critical security alert sign in attempts sign in.  That's when it hit me they were trying to get into my gmail account using the 2FA from google.  I quickly change the password back and let google know it is not me on the other devices.  Not having access to my phone I used my other recovery email to reset the password.  The attacker than just reset it again using the phone.  I was able to reset a 4th time, but what I failed to do was click the button that signed myself out of all other web browsers instantly.

At 2:15PM in a full panic not sure what they are going after still, I get an alert from AUTHY that a new device was added to my app.  (The same LINUX device that was hacking my GMAIL).  Then immediately I emailed @gatehub support that I am being hacked and to lock my account.  At 2:18 and 2:19 I got two emails of New Device Authorization from Gatehub, I deleted both and removed from my trash within seconds.  I was too late, by 2:24PM six figures of XRP were moved to a new account.  Here is the link showing the wallets transactions including my withdrawal. 

https://bithomp.com/explorer/rswQEtBU9M3bG97uVcPu5xPUsg68wo7aQc

At 4:11PM GateHub let me know my account was now locked.  

 

[James21 17]

I feel your pain. All of us here were victims of these thieves. Gatehub did not protect our XRP/ripple funds. I think all of us are to the point of seeking legal action against them.

[jlripple 92]

6 hours ago, at3n said:

Very sorry to hear that, that's very scary when you think about it. The only advice I can give is to go through every online account that you own and recreate the credentials and 2-factor authentication, after checking to make sure that another email address or phone number hasn't been added that the attackers could use to get back in. It may be worth getting an entirely new email address or even phone number to separate yourself from the attackers.

Please report this to your local authorities, and if you're happy to, perhaps share some details with the xrpforensics team (@Silkjaer) in case this ends up being the same attacker.

Do you have any idea how the attackers got to know any of your details to begin with? Did one of your accounts have a weak password, or was involved in another hack?

Gatehub system is not secure. with strong password + 2fa the hacker just gained the keys from access tokens which gatehub does not explain how. Just get away from them.

[Geekluca 61]

So, this post is cooling down. Exactly like @gatehub was hoping. 

I think we should seriously start to prepare a class action against them. I am still on holidays but I will be back next week and ready to start working on it . 

This story cannot end with two winners (hackers and gatehub) and all of us losing money. 

Edited July 25, 2019 by Geekluca

[James21 17]

Yes you are right Geekluca we need to all get on a class action lawsuit against Gatehub, and ripple should also be pressed for telling us to migrate to them. Ripple should have never been associated with such a messed up company.

[at3n 286]

2 hours ago, Geekluca said:

This story cannot end with two winners (hackers and gatehub) and all of us losing money. 

Oh come on... without meaning to downplay the suffering of the victims; how on earth do you think Gatehub is a winner in this??

By all means pursue legal action as you see fit, but stick to the facts please. Sensationalizing the situation does not help.

[James21 17]

Definitely a law suit needed. How many here have reached out to the Sharova law group or any other so we can all get in a class action law suit.

[Selective 33]

We need a law firm experienced or at least worked before In similar cases otherwise It will take forever, However @gatehub  Should at least give us an answer If they'll compensate or not. without being shady as they're acting right now.

[getitdone 147]

i strongly suggest for everyone that had account on gatehub to call you phone company and forbid them from allowing anyone to port your number without physically walking into location with photo ID and requesting it. My phone was ported couple weeks ago and yesterday my friend got his phone number ported. We both had accounts on gatehub. I'm not sure if this is coincidence but understand the risk of loosing your phone number anytime if you don't call your carrier and ask them to block your line from porting over. It takes 8+ days to get your number back depending how quick your local police and turn over police report.