According to a report published by Ars Technica, over 1.4 million GateHub crypto wallets have been compromised. The discovery was made by researcher Troy Hunt, who runs the “Have I Been Pwned” website.
In addition to GateHub, a database of 800,000 EpicBot RuneScape bot users has been published online.
Hunt reported that GateHub users’ personal information was also published online. These include registered email addresses, passwords, two-factor authentication keys, mnemonic phrases and wallet hashes.
Apparently, the databases include registered email addresses and passwords that were encrypted using the bcrypt function. If the function is implemented correctly, it is very difficult to break, but there were many instances when programming errors made decryption very simple.
Investigation behind the curtain
Company officials said that so far, no funds have been withdrawn from the respective portfolios. The wallet provider is currently conducting an investigation, but has not yet posted an official announcement regarding the situation.
This is not the first time that the Gatehub database is compromised. In June, hackers accessed about 100 Ledger XRP wallets, leading to theft of nearly $ 10 million in cryptocurrencies.
Also in June, Gatehub warned that there is a phishing campaign targeting users of the crypto wallet. According to the company, users of the GateHub wallet were receiving malicious emails from addresses such as @ gatehub.com and @ gatehub.net.