As per the announcement, GateHub’s wallet users are being sent malicious mails from addresses that appear as if they’re from GateHub: “@gatehub.com” & “@gatehub.net.”
The mails instruct the users to transfer their funds to a “secure” wallet, that is managed by the hacker, as their private keys are allegedly compromised because of insufficient security precautions.
GateHub outlined that additionally to the attack being an unaffiliated phishing attempt, the service provider has never issued private keys via mails. [GateHub] also revealed a ‘timeline‘ of its correspondences to customers, so that they can verify whether or not the mails received from GateHub are genuine.
As ‘reported‘ earlier, GateHub is estimated to possess lost nearly $10 Mln’s from its ‘XRP‘ wallets via this attack recently discovered at the beginning of June. The attack reportedly affected over 100 wallet users with around 23.2 Mln ‘XRP‘ combined.
In line with a ‘report‘ by a community member who investigated the attack, Thomas Silkjær, the aforesaid hacker doesn’t seem to be the result of phishing attempts. Whereas Silkjær was able to reach a definitive conclusion on what mechanism led this multi-million hack, progressive nonces and old database leaks are mentioned as possibilities of this attack.
GateHub has since ‘initiated‘ an investigation relating to finding the actual reasons behind this ‘hack‘ and has also suggested several security measures users should take in order to secure their ‘crypto‘ assets.