Another hacking is in the books. This time, the unlucky victim is Gate Hub, a wallet service that must now explain a near $10 million in Ripple’s XRP losses to its customers.
Another Hack Added to the Ledger
In a statement on its website, the company admits to a recent data breach and states that while it is presently unsure how the hacker (or hackers) gained access to the money, executives believe they “abused its API to carry out the attacks.”
The statement explains:
We have detected an increased amount of API calls (with valid access tokens) coming from a small number of IP addresses which might be how the perpetrator gained access to encrypted secret keys. That, however, still doesn’t explain how the perpetrator was able to gain other required information needed to decrypt the secret keys. All access tokens were disabled on June first after which the suspicious API calls were stopped.
The situation is unique in the sense that the hackers involved in the attack were tracked down not by the company itself, but by the Ripple community. People are beginning to fight back against malicious oppressors – always a good sign that individuals wish to see the cryptocurrency arena made more legit.
A report was ultimately published by a group of XRP community members that call themselves XRP Forensics. These persons work to fight and prevent scams that occur on the XRP blockchain and publish information about thefts and cyberattacks, so the rest of the community can remain aware. The report shows that the group uncovered a history of “suspicious transactions” and 12 separate addresses to which the hacker sent the funds taken from Gate Hub.
Thomas Silkjaer, a member of the group, explained in an interview:
As of writing this report, 2019-06-05 16:00 UTC, we gather that around 23,300,000 XRP has been stolen from 80-90 victims, of which around 13,100,000 XRP have already been laundered through exchanges and mixer services.
This Is Looking Very Familiar
Sadly, neither Silkjaer nor his team were able to understand how it was the hacker gained access to the coins in the first place. While some of the money has been found according to the report’s details, important data regarding the threat remains elusive. Gate Hub says that it is currently performing an internal investigation and it has notified the law officials about the attack.
Instances like these are becoming far too common given the status of the cryptocurrency arena. Digital assets, while still relatively new in comparison to standard investments like gold, silver, stocks and bonds, have been around for over ten years at press time. One would assume that necessary security measures have been boosted at this stage, though this doesn’t appear to be the case. Problems like SIM-swapping are still running rampant, and investors are advised to remain extremely careful.