GateHub, one of many websites that provide crypto wallet services to traders in digital currency, has been breached, compromising the data of 1.4 million of its users.
Personal info for sale
According to a report by Ars Technica, Troy Hunt, the good Samaritan security researcher behind the Have I Been Pwned breach notification service, confirmed that the stolen data worth 3.72 Gb in size has been posted online.
Hackers are known to often post data they’ve stolen online in the reaches of the dark web on hacker forums and other shady platforms, where malicious parties can purchase access to this data in exchange for a fee, usually in digital currency. This was the case with the account information of Disney+ users that were stolen recently, where hackers were either offering user info for free, or for a fee ranging between $3-$11.
Among the stolen data of GateHub users were two-factor authentication keys, mnemonic phrases, and wallet hashes, although GateHub officials said an investigation suggested wallet hashes were not accessed, Ars Technica clarified.
Crypto-related hacks more common
one of many crypto wallet providers that have been breached in recent times. The new and mostly unregulated nature of cryptocurrencies and their storage methods proves attractive for the crypto-savvy hacker, especially when considering the profit that can be made.GateHub is
As for GateHub, this isn’t the first time they have been breached. Another smaller-scale breach occurred during June of this year.
“In June, hackers were reportedly able to compromise around 100 XRP Ledger wallets, which resulted in nearly $10 million in stolen funds,” crypto site Coin Telegraph notes.
“One of the more disastrous hacks in recent years was the Slovenian-based Bitcoin (BTC) mining marketplace, NiceHash,” the news site continues. “A hacker stole approximately 4,700 Bitcoin, worth about $64 million at the time of the hack in December 2017. The platform called the security breach a highly skilled and organized attack that was carried out with sophisticated social engineering.”
Even Mt. Gox, the largest Bitcoin exchange in the early days of this decade, handling almost 70% of all Bitcoin transactions globally, saw its world collapse. After suffering a hack in 2011 that saw 2609 Bitcoins stolen from users on the platform, threat actors followed up with a massive 2014 breach that put Mt. Gox out of business. According to Mt. Gox, more than 750,000 Bitcoins (around $350 million) were stolen from them, causing them to file for bankruptcy.
Precautions to take
Today, crypto traders can adopt some healthy practices to minimize risk of a hack.
Given the vulnerability of digital wallets and their providers (like GateHub), crypto traders luckily have two other options: hardware wallets, where a wallet key is stored on an external storage device, or literal physical paper wallets, with their wallet key typed on a piece of paper.
Another form of crypto-based attacks is where threat actors install malicious software on your computer, forcing it to crypto mine for currencies without your knowledge, which eats up your processing power and raises the electricity bill. This is known as crypto jacking. You can protect yourself from this by installing software that locks out your PC from crypto mining. An anti-virus software is also helpful in this case.
There are plenty of other precautions you can take to protect yourself if you decide to take the crypto plunge. Cryptocurrencies are still relatively very new, so one must operate with caution.