XRP Forensics in Hot Pursuit of Gatehub Hackers, Identifies 12 Possible Perps

Another day, another crypto-hack.  From exploits to exit scams, the song remains the same – it’s just the technology that is different. The bad guys are always looking for new and devious ways to steal money from the unsuspecting.

The most recent hack came courtesy of Gatehub. In a statement last week, Gatehub admitted that XRP (Ripple) had been pilfered from Ledger wallets.

“Although we have not identified any action or omission by GateHub that may have facilitated or allowed this apparent theft to occur, we apologize deeply to all of our customers for this issue and pledge to get to the bottom of it,” stated Gatehub management.

Gatehub said that approximately 100 wallets had been compromised. Gatehub told their customers that they had engaged the appropriate law enforcement agencies as well as professional forensic teams.

The very next day, XRP Forensics identified accounts connected with the theft. On June 1, the forensics team said they were made aware of a theft of 201,000 XRP and immediately started an investigation. The crypto sleuths said the following accounts were the primary suspects:

  • rU6EsDCiHHYbTtA4uGGo8zaaiRz2sbDBST
  • rN5Gm1FijbTVeYFfpTRfGKfNZQY7hc9TbN
  • rprMix9uYyQng5vgga1Vg8HTeBMCzaeM2i
  • rUvPCdYJMzzGu9AFKrNeKgCTpxrpFc3RHt
  • rJpKe5rbjgzzGJc1wm1xqKj6j4UjBQ6s48
  • rGSWKo2oiJnJiPEoHvDZTK2XG7RtE62Cbh
  • rpBDxqWArAQTEfPeWwkUvBh1cbc885nirX
  • r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k
  • rKZ14F9KT65chQ382M33U41a4eniGMAyfG
  • rpfcbzdZZSWdB5EWDGcQvD5ycFhM6jdhpZ
  • rHvWywQiexNeCLWTa9dBjHTMAtt6tPN7Z1
  • rMcqiWXMJEAEMXaFFgnjeuASwAMmef8B8c

While the perps may have been identified, the crypto laundering process commenced almost immediately:

“… we gather that [approximately] 23,200,000 XRP has been stolen from 80–90 victims, of which ~13,100,000 XRP have already been laundered through exchanges and mixer services.”

So a bit over $9 million in crypto had been stolen.

XRP Forensic said the following services were used to “cash out” but were NOT complicit: changelly, changenow, kucoin, huobi, exmo, hitbtc, binance, alfacashier.

On June 7th, GateHub provided an update on the investigation estimating that 18473 accounts, 5,045 having XRP wallets with active balances, were impacted by the attack. GateHub warned users to move any balances from XRP Ledger wallets.

“We are hopeful we can nail the perpetrator,” stated GateHub management.

Part of the challenge is the fact once crypto moves, it can move quickly, ignoring geographic boundaries. Law enforcement capabilities can vary dramatically, depending on the country.

This crypto theft is still developing. Hopefully, Gatehub and team can track the bad guys down.

Sponsored Links by DQ Promote

Send this to a friend