According to reports from GateHub about its investigations, the exchange first noticed the intrusion after a sudden increase in API calls was detected. GateHub was, however, able to identify 103 of its users XRP Ledger wallets that had suffered during the attack out of more than 18,000 accounts that were “potentially affected” by the suspicious API calls.
GateHub did not release any statement as to how the funds were stolen. It was an analysis by XRPForensics that showed that the exchange lost over 23.2 million XRP during the hack. This is approximately US$10 million at the time of the theft.
The stolen funds were transferred to several exchanges to ensure ease of cash out. Some of the exchanges include: AlfaCashier, Binance, Changelly, ChangeNow, Exmo, HitBTC, Huobi, and KuCoin. XRPForensics pointed out that none of the recipient exchanges were in support of the theft.
ChangeNow saves the day
Investigations are still ongoing, but there is already some good news. Crypto exchange ChangeNow, one of the recipient exchanges used by the hackers to try to cash out the stolen XRP, have actively been supporting the investigation. After the hack, the exchange took measures to blacklist all the addresses in connection with the hack.
In an official statement released on its blog yesterday, the exchange explained how it had been able to stop “a solid number of XRP exchanges” that the hackers tried to carry out on its platform. The hackers in total tried to cash out 2.5 million XRP on ChangeNow, and although the exchange was unable to stop all transactions, they managed to recover 500,000 XRP.
According to the official statement: “All stolen exchange deposits retained during the hack have been frozen and are stored on a secure cold wallet. We will be sure to return the funds to GateHub.”
This is definitely good news, but ChangeNow regrets that it was unable to safeguard users funds and promises to improve its risk management system while creating closer ties with the investigating officials of other exchanges.