Stolen 24 Million XRP is on the Move

Reading Time: 2 minutes

Towards the end of May and into early June, GateHub suffered a hack that saw around 25 million XRP stolen and moved to a new wallet. The hacker managed to gain access to thousands of private keys and this gave him the power to move all the XRP to his own accounts. Nearly a month later, the hacker has started to cash out the XRP by transferring it to various exchanges. Around 24.2 million XRP has been sent to exchanges and sold off into fiat.

Not all Exchanges are Helping

A company called XRP Forensics has been tracking the funds and notifying exchanges when stolen XRP hits their accounts. While most have been helpful in shutting these accounts down and recovering the XRP, one has stood out as rather unhelpful. OKEx was notified that 1,500 XRP hit its accounts, but nothing was done. Since then, around 13 million XRP of the stolen XRP has landed in OKEx accounts and sold off for fiat. OKEx has not responded to any comments from XRP Forensics or said that it has seized any of the funds.

A Different Style of Attack

The attack on GateHub was noticeably different when compared to other hacks on crypto exchanges. Rather than hitting the GateHub hot wallets, the hacker managed to obtain private keys of users and exploit their wallets. It’s the first time this has been done on such a scale, and it’s pointing to an inside job. Someone who works at GateHub could possibly have access or the means to access the private keys of users. It wouldn’t be the first time we have seen insiders hack their own company, with Bithumb insiders stealing $18.5 million earlier this year.

Not Just Ripple Moving XRP

We’re relatively used to large amounts of XRP moving around, but usually it’s Ripple sending it to partners. Earlier this year, we saw Ripple move 13 billion XRP from escrow to unidentified wallets. This latest move though is definitely from the hacker and not Ripple, this can be seen by tracing the XRP through the wallets used.

Unfortunately, as long as OKEx remains uncooperative in the case, a large portion of the stolen XRP will never make its way back into the hands of its rightful owners. It’s not yet clear how GateHub will reimburse hodlers, but it comes as yet another warning. Never keep your funds on a crypto exchange, always store them in your own wallet – it’s safer!