Jump to content

a few user reported their gatehub wallet been hacked and XRP sent to r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k


Recommended Posts

  • Replies 1.2k
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

On June 1 we were made aware of a theft of 201,000 XRP (transaction F6E9E1385E11649A6C2F88723A821AF209B54030886539DCEF9DDD00E6446948) and immediately started investigation. It turned out that the acco

Hey all! We are aware of the matter and are looking into it. If anyone has any information please contact us at: security@gatehub.net   GateHub

Reminder: There is no direct evidence pointing to Gatehub being responsible even though it may appear as the most likely scenario right now. Just be careful about jumping to conclusions What you c

To Gatehub, ...  From : a loss of 1,250,000 XRP's .....                 1.You obviously are not going to do the right thing because the price of XRP is approximately 40% cheaper now then when this hack occurred which would be a 40% replacement savings.2. And just how can you run a business without ( I am assuming) Insurance for incidents that occurred as this. I myself as others on this blog had the rug pulled out from under us. 3. Ripple also is washing their hands of this even though they recommended using Gatehug for storage of  XRP.

My future life style  , future donations to charity,  future bonuses to employees have been greatly jeopardized by your lack of ...... what the hell like this really matters to you. 

 

Link to post
Share on other sites

To Gatehub:   From 1,250,000 XRP loser......

We now you are monitoring this site yet little response. Basically the only response in general we are receiving " we are still investigating ". You could at least inform us your intent of our loss or are you just preventing future hacking and ignore your mistakes of our loss. From the amount of views and replies you are receiving a lot of bad publicity! I'm not going to let this expensive issue lay dormant.  Please don't let me give in to Hayes Connor for help. 

Link to post
Share on other sites
  • 2 weeks later...
  • 3 weeks later...
Quote

VinnyTroia:  Why was prosox arrested?

Snoupinet:   Because I have him a lot of money related to gatehub despite his lack of role compared to maxime

Snoupinet:   I know you have a hard time believing me

Snoupinet:   But I was freed and not them

Snoupinet:   Mainly because I came to gatehub

Snoupinet:   And helped authorities recover most of the funds

Snoupinet: So I know ddb lies to investigators

Snoupinet:   Prosox tried to hide his 90 BTC

Snoupinet:   Both are in prison

https://www.dataviper.io/blog/2019/gnosticplayers-part-1-nclay-ddb-nsfw/

So where are the recovered funds?

Link to post
Share on other sites
VinnyTroia:  Why was prosox arrested?

Snoupinet:   Because I have him a lot of money related to gatehub despite his lack of role compared to maxime

Snoupinet:   I know you have a hard time believing me

Snoupinet:   But I was freed and not them

Snoupinet:   Mainly because I came to gatehub

Snoupinet:   And helped authorities recover most of the funds

Snoupinet: So I know ddb lies to investigators

Snoupinet:   Prosox tried to hide his 90 BTC

Snoupinet:   Both are in prison

https://www.dataviper.io/blog/2019/gnosticplayers-part-1-nclay-ddb-nsfw/

So where are the recovered funds?

 

My gutfeeling...,

- stolen XRP is traded by the hackers (not recoverable as they were)

- LEA is making progress (some proof by this blog) and already has a few in prison

- GH anticipated with a reserve to refund (remember @silkjear discovered a large tx from ripple to GH about the same amount of stolen XRP)

- GH is not willing (ashamed?) or not allowed to talk until legal and justice acting has been completed

- And finally, every single REPORTED stolen XRP will be refunded from the GH reserve

- Victims who went to court might even win a lawsuit from GH and "recover" some possible losses (not able to trade/sell those XRP for several months, psychological suffering,...)

Link to post
Share on other sites

I assume weak passwords were brute forced? My account was also in that database, with a balance that could be profitable. It was not stolen but I was using a strong, unique and long password. Passwords were stored as a bcrypt hash, which has built-in salting and some resistance against brute forcing. If you're using a weak password, or re-using passwords from other (possibly leaked) sites it's instant game over.

Just my guess though. If someone actually knows, please enlighten me :)

Link to post
Share on other sites
15 hours ago, tulo said:

To me it is not clear yet HOW they got the funds from the leaked database.

Gnosticplayers said that an online community dedicated to cracking hashes was used to break the Gatehub account password hashes. 

The password hashes were obtained from the stolen database.

API authorisation tokens were also taken from the stolen database, which were used to retrieve encrypted secret keys from the API, until Gatehub invalidated the tokens.

https://gatehub.net/blog/gatehub-update-investigation-continues/

The encrypted secret keys were decrypted using the cracked passwords.

 

That's what I've gathered from the various information available; I'm not an authoritative source.

It's also not clear who is telling the truth, but the above seems plausible.

Link to post
Share on other sites
2 hours ago, at3n said:

Gnosticplayers said that an online community dedicated to cracking hashes was used to break the Gatehub account password hashes. 

The password hashes were obtained from the stolen database.

API authorisation tokens were also taken from the stolen database, which were used to retrieve encrypted secret keys from the API, until Gatehub invalidated the tokens.

https://gatehub.net/blog/gatehub-update-investigation-continues/

The encrypted secret keys were decrypted using the cracked passwords.

 

That's what I've gathered from the various information available; I'm not an authoritative source.

It's also not clear who is telling the truth, but the above seems plausible.

 

4866DC4A-7814-4864-937E-399B03DDD979.jpeg

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.