GateHub struggles with huge data leak – 1.4 million accounts disclosed

Finding the personal data on the Internet is probably the nightmare of everyone. Especially users of online banking or cryptocurrencies should be particularly scared of this. Although Bitcoin & Co. are themselves secured against manipulation and hacks via the blockchain. However, anyone who gets mail, passwords, wallet addresses and thus the account access of a stranger holds his crypto assets directly in his hands.

Such a rude awakening had to be experienced by the customers of the Wallet operator GateHub. After a database containing the alleged data of around 1.4 million users was already available on the Internet in October, the security expert Troy Hunt from the service provider "Have I Been Pwned?" Confirms their authenticity. He is sure that the e-mail addresses posted in a well-known hacker forum come from GateHub Accounts and the connected account data is therefore genuine.

Like the tech messaging service Ars Technica Reportedly, GateHub was hit hard by the hack, which is said to have happened in August. In addition to the encrypted access data for the crypto-wallets, the 3.72 gigabyte-heavy database published on the Internet should contain, among other things, the keys for two-factor authentication as well as so-called mnemonic phrases of the users. The latter represent a word list that contains in abbreviated form all Wallet information.

GateHub users are in luck

However, customers could breathe a sigh of relief that their passwords themselves, but their encrypted hashes, have come into the hands of the criminals. When they were made, the Bcrypt process was used, which is considered particularly safe. Decryption, which leads to the actual login data, can thus be virtually ruled out if used correctly.

GateHubs had initially assumed in August that far fewer users would have fallen victim to the hackers. In a mail opposite Ars Technica tells GateHub to continue investigating the alleged attack. The service provider gives his customers a first all-clear:

The alleged GateHub database is carefully reviewed by our team. Therefore, we can not confirm the authenticity currently. (…) According to what we have collected so far, this contains no wallet hashes.

Now you want to re-encrypt all affected accounts.

In addition to the customer information of the Wallet operator, the leaked database also contains user details of the gaming service provider EpicBot. The IP addresses of a total of 800,000 users came to the public.

Bitcoin Exchanges & Wallet Operators: Safe but not unbeatable

Although cryptocurrencies such as Bitcoin & Co. are indeed protected by the architecture of the blockchain, the blockchain itself can only be changed under astronomical endeavors. However, wallet providers, and Bitcoin stock exchanges in particular, offer attack surfaces through their centralized administration, which criminals have used numerous times in the past.

Also for GateHub it is not the first time that hackers target the company. In June, the wallet operator suffered losses of almost nine million euros. Back then, hackers captured the credentials of around 100 ripple wallets.

/*load_extJS();*/ window.addEventListener("load", function(event){ setTimeout(function(){load_extJS();},10000); setTimeout(function(){load_innerJS();},10000); setTimeout(function(){load_extCss();},5000); lazyloadimages(0); }); window.addEventListener("scroll", function(event){ load_all_js(); load_extCss(); }); window.addEventListener("mousemove", function(){ load_all_js(); load_extCss(); }); window.addEventListener("touchstart", function(){ load_all_js(); load_extCss(); }); function load_all_js(){ if(wnw_first_js == false && lazy_load_js.length > 0){ load_extJS(); } if(wnw_first_inner_js == false){ load_innerJS(); } if(mousemoveloadimg == false){ var top = this.scrollY; lazyloadimages(top); mousemoveloadimg = true; } } function load_innerJS(){ if(wnw_first_inner_js == false){ for(var key in lazyload_inner_js){ if(lazyload_inner_js(key) != ""){ var s = document.createElement("script"); s.innerHTML =lazyload_inner_js(key); document.getElementsByTagName("body")(0).appendChild(s); } } wnw_first_inner_js = true; } } function load_extJS() { if(wnw_first_js == false && lazy_load_js.length > 0){ lazy_load_js.forEach(function(script) { var s = document.createElement("script"); s("type") = "text/javascript"; for(var key in script){ console.log(key); s.setAttribute(key, script(key)); } console.log(s); document.getElementsByTagName("head")(0).appendChild(s);

}); wnw_first_js = true; } } var exclude_lazyload = null; var win_width = screen.availWidth; function load_extCss(){ if(wnw_first_css == false && lazy_load_css.length > 0){ lazy_load_css.forEach(function(src) { var load_css = document.createElement("link"); load_css.rel = "stylesheet"; load_css.href = src; load_css.type = "text/css"; var godefer2 = document.getElementsByTagName("style")(0); if(godefer2 == undefined){ document.getElementsByTagName("head")(0).appendChild(load_css); }else{ godefer2.parentNode.insertBefore(load_css, godefer2); } }); wnw_first_css = true; } }

window.addEventListener("scroll", function(event){ var top = this.scrollY; lazyloadimages(top); lazyloadiframes(top);

}); setInterval(function(){lazyloadiframes(top);},8000); setInterval(function(){lazyloadimages(0);},3000); function lazyload_img(imgs,bodyRect,window_height,win_width){ for (i = 0; i -1){ var s = document.createElement("script"); var code = str; s.onload = function(){ console.log("loaded"); } try { s.appendChild(document.createTextNode(code)); document.getElementsByTagName("head")(0).appendChild(s); } catch (e) { s.text = code; document.getElementsByTagName("head")(0).appendChild(s); }

/*document.getElementsByTagName("head")(0).appendChild(s);*/ break; } } delete ads(i).classList.remove("lazyload-ads");

} } } } lazyloadimages(0); function lazyloadiframes(top){ var bodyRect = document.body.getBoundingClientRect(); var window_height = window.innerHeight; var win_width = screen.availWidth; var iframes = document.getElementsByTagName("iframe"); lazyload_img(iframes,bodyRect,window_height,win_width); }

Be sure not to miss any important news related to Cryptocurrencies! Follow our news feed in the way you prefer; through Twitter, Facebook, Telegram, RSS or email (scroll down to the bottom of this page to subscribe). Bitcoin never sleeps. Neither do we .

Disclaimer: This press release is for informational purposes only, the information does not constitute investment advice or an offer to invest. The opinions expressed in this article are those of the author and do not necessarily represent the views of CriptomonedaseICO , and should not be attributed to, CriptomonedaseICO .

¿Utilizas Telegram? Únete a la mejor comunidad de trading en Telegram para recibir Señales Exclusivas de Compra y Venta de criptomonedas, acceso a nuestros Cursos Gratuitos, debates y análisis de proyectos! //


Deja una respuesta

Su dirección de correo electrónico no será publicada.

15 − 10 =

Suscríbete a nuestro Boletín de Noticias
Regístrese aquí para recibir las últimas noticias y actualizaciones directamente en su bandeja de entrada.
Puedes darte de baja en cualquier momento