Hackers attacked Gatehub, a crypto wallet service and made away with 23.2 million ripple coins (XRP). The stolen coins are worth approximately $9.5 million at the time of writing.
Gatehub confirmed this theft yesterday unveiling that the attackers stole the funds from its crypto wallets. According to the firm, the thieves managed to access approximately 100 XRP wallets.
Hackers Used APIs
While details of the theft are still unknown, the firm believes that the criminals used APIs. The platform is still probing the matter to get more details.
The preliminary statement noted,
API requests to the victim’s accounts were all authorized with a valid access token. There were no suspicious logins detected, nor there were any signs of brute forcing,
We have however detected an increased amount of API calls (with valid access tokens) coming from a small number of IP addresses which might be how the perpetrator gained access to encrypted secret keys.
Gatehub revealed that the API calls stopped after the platform restricted access to the tokens on June 1. Apart from carrying out internal investigations, the firm has also involved authorities to help probe the matter.
Tracing the Attackers’ Transactions
After the theft, Thomas Silkjær, a contributor in the XRP Forensics posted a blog that gave more details about the theft.
Per the blog post,
On June 1 we were made aware of a theft of 201,000 XRP … and immediately started investigation. It turned out that the account robbed was managed through Gatehub.net, and that the offending account (r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k) had stolen substantial amounts from several other XRP accounts, likely to be or have been managed through Gatehub.net.
Thomas added that he found 12 other suspect accounts after probing the matter further. He also found that 13.1 million of the stolen coins had already been laundered via exchanges and miner services.
Despite his efforts, Thomas also failed to find the exact method that the attackers used to steal the funds.
Crypto thefts have continued increasing despite numerous attempts to curb them. According to a report, crypto platforms lost $356 million worth of crypto to bad actors in the first three months of this year. In the past month, Binance lost 7,000 BTC to hackers. At the time of the hack, the coins were worth approximately $41 million. Before the Binance theft, hackers had stolen from Cryptopia, Coinbene, and Bithumb among other exchanges.
Do you think creating clear crypto rules can help reduce thefts in the space? Let us know in the comments below.