Hackers have siphoned 23.2 million Ripple coins (XRP), worth around $9.5 million, from GateHub cryptocurrency wallets.
Confirmed by the platform on Thursday, the cybercriminals compromised around 100 XRP Ledger wallets on the platform.
According to GateHub, the hackers used API calls to carry out the attack, however, details of the attack are still unknown, and the platform is still investigating on the matter.
“API requests to the victim’s accounts were all authorized with a valid access token. There were no suspicious logins detected, nor there were any signs of brute forcing,” the official statement noted.
“We have however detected an increased amount of API calls (with valid access tokens) coming from a small number of IP addresses which might be how the perpetrator gained access to encrypted secret keys.”
The suspicious API calls stopped when the platform disabled access to the tokens on June 1, GateHub detailed.
CEO Spotlight: Alon Rajic on the Future of UK/EU Trade and EconomicsGo to article >>
The platform has also involved law enforcement agencies to continue its investigation on the attack.
Tracked down attackers
A contributor in the XRP Forensics published a report on June 5 mentioning some details about the theft including 12 suspected wallet accounts involved in the attack with their transaction details.
As some are aware, 80+ XRP accounts connected to @gatehub have been emptied in thefts the past week, and it appears to be ongoing. Here is our overview of the case. Consider keeping your funds safe by moving your long term holdings to new accounts.https://t.co/FKZxPPduxE
— XRP Forensics (@xrpforensics) June 5, 2019
“As of writing this report, 2019-06-05 16:00 UTC, we gather that ~23,200,000 XRP has been stolen from 80-90 victims, of which ~13,100,000 XRP have already been laundered through exchanges and mixer services,” Thomas Silkjær, a member of XRP Forensics and the researcher on the case, stated.
Similar to GateHub’s in-house investigators, Silkjær even could not pinpoint the exact method used by the attackers to siphon the digital coins.