Unofficial investigation puts the number of victims between 80 and 90 users. Unknown how hackers stole money from users.
Hackers have stolen from users of GateHub’s cryptocurrency wallet service 23.2 million Ripple coins (XRP), worth almost $9.5 million.
In a preliminary statement posted on its website, the company admitted the security breach.
While the personnel are still investigating the incident that resulted in customer funds siphoned out of GateHub wallets, the company believed that the hacker abused the API to perpetrate the attacks even when it was unsure how.
“However, we have detected an increased number of calls from a small number of IP addresses, which could mean that the perpetrator has access to encrypted secret keys,” said the company.
“It still doesn’t explain how the perpetrator was able to obtain further information necessary for decrypting the secret keys.” All access toks were disabled on June 1. Supreme API calls were stopped after that, “said GateHub.
COMMUNITY TRACKED DOWN HACKERS
A report from XRP Forensics, a group of XRP Community members working to prevent and counter scams on XRP Ledger, contained more about theft, such as a history of suspicious transactions and 12 of the XRP addresses the hacker has collected.
“When we write this report, 2019-06-05 16:00 UTC, we find that~23,200,000 XRP have been stolen from 80-90 victims, of which ~13,100,000 XRP have already been laundered through exchanges and mixer services,” said Thomas Silkjær, a member of the XRP Forensics team.
Also, Silkjær could not identify the method by which hackers stole XRP funds from GateHub accounts.
GateHub stated that the law enforcement authorities were notified and promised to issue an official statement after the internal investigation had ended.
This is the second safety incident today that has affected the cryptocurrency community. Earlier today, the Komodo Platform allowed its own users to hack funds from back door wallets before hackers could have the opportunity to steal users ‘ money. The company will enable users to retrieve their funds.