So they lost about 2 million dollars. Confirmed our early call of an hack was right.
As you can read in the Gatecoin comments unders this post, on May the 9th they dismissed our call for an hack. As you can read in their statement, if they had made a more accurate investigation of the May 9th incident they could have avoided 2/3 of losses or even any loss at all.
***UPDATE: below Gatecoin official stetement:
HONG KONG – MAY 14 – Following an initial forensic investigation conducted by a professional cyber security firm, Tehtri Security, the Gatecoin team can confirm that we experienced a breach of our system, and lost 15% of our crypto-asset deposits.
The breach took place between Monday, May 9, late night HKT, to Thursday evening HKT, 12 May 2016. On Monday night HKT, May 9, we experienced a disruption of our service caused by a server reboot and so far, we strongly believe that the breach is linked to this event.
On Friday night HKT, May 13, we detected some suspicious transactions and immediately suspended our services to investigate, and to prevent any more unauthorized access to the ETH and BTC hot wallets.
We have previously communicated the fact that most clients’ crypto-asset funds are stored in multi-signature cold wallets. However, the malicious external party involved in this breach, managed to alter our system so that ETH and BTC deposit transfers by-passed the multi-sig cold storage and went directly to the hot wallet during the breach period. This means that losses of ETH funds exceed the 5% limit that we imposed on our hot wallets.
Loss of Funds
In total, the hot wallet breach resulted in the loss of ETH 185,000 and BTC 250, which is equivalent to USD 2 million. This represents 15% of total crypto-asset deposits held by Gatecoin. So far, the forensic investigation has identified the wallet addresses used by the hackers: *0x04786aada9deea2150deab7b3b8911c309f5ed90 *0xc062dceed93087c9112ff7b02d53e928e49cec09 *0x1342a001544b8b7ae4a5d374e33114c66d78bd5f *0xd4914762f9bd566bd0882b71af5439c0476d2ff6 *4a1b96b166de37860195af37b6396a0516b009536e0f332006ca61b4fab0cd08 *2f41b858712149df089c21d4e1c036e0a465335c5a29be38df8e945a51e4d809 *271c51ff2e6c84c565c94d79872a79d77726fccd47192b6c8f6745f7482e281a *435e0cc79372eef5f43d8d81320940165ea1a0828adab3fdb9822a17caffaf2b *d494c7ca3a03f30c121b02f558b068d3597092454ad325bc320383f070d536bc *90622fc9968b79c90a9ac26f11d13d8dd97ba5b7e9c103594873e6306f7357ea
The Gatecoin team greatly appreciates the patience of all users and stakeholders while we work with Tehtri Security to confirm all of the details related to the breach and ensure that our systems can be moved to a new, clean, thoroughly tested, and monitored infrastructure before services can resume.
A bespoke platform designed to enable all Gatecoin clients to withdraw their remaining funds in BTC, DAO, DGD, REP, USD, EUR and HKD will be released on May 28, 2016. The exact date when withdrawals for clients’ ETH funds has yet to be confirmed.
All DGD, REP and DAO funds are secure and Gatecoin has funded the DAO contracts for DAO token holders. 5% of all BTC funds were compromised in the breach, but 95% remain stored in multi-sig cold wallets along with the remaining crypto-assets.
All fiat currency funds held in USD, EUR and HKD are secured in segregated client accounts and can be withdrawn by clients after May 28, 2016.
The Gatecoin team is currently working on raising additional funding to cover the losses of BTC and ETH and hopes to be able to reimburse all customers that have experienced losses as soon as possible.
We sincerely apologize for all the concern experienced by our clients and for the inconvenience caused while clients wait for their fund withdrawals to be processed. Gatecoin would also like to express our gratitude to the community of exchanges that have very kindly volunteered to help identify the parties responsible for the stolen funds.
All future updates will be released on Twitter, Reddit and our homepage.
We would like to thank again all of our users, partners, and members of the community for the understanding and support they have expressed to us so far.
Aurélien Menant CEO, Gatecoin
**UPDATE: below Gatecoin announcement. Seems it will take some time to solve:
*UPDATE: seems they lost a good chunk of ether and some bitcoins. DGD tokens seem not affected. Nothing confirmed officially, anyway.
This is starting to get funny.
After we claimed a hack occurred on May the 9th, Gatecoin recovered. Circumstances of the sudden down time were fuzzy, since at the start Gatecoin claimed maintenance, then went dark for hours, sparking panic through their user community, then recovered and said it was just server malfunction.
The day after, Gatecoin went up and down several times, wiping all the trading books. Anyway withdrawals were regularly executed and funds were recovered. Nobody claimed fund loss. Trading started again.
Now, this happens.
If you want a play-by-play breakdown of what occurred on May the 9th see below.
One thing is for sure: Gatecoin cannot handle all the traffic it is getting.
–original May 9th post—
CASE CLOSED: non hack occurred. No funds were lost
*******UPDATAE: Gatecoin now up.
******UPDATE: After calling the solution of the case here we are again.
Gatecoin is down. Anyway withdrawals were correctly executed during the up time.
This seems mostly a technical issue.
ISSUE SOLVED: if somebody lost funds please report in the comment section
*****UPDATE: this is the Gatecoin answer to a user on Facebook:
and this from Twitter:
****UPDATE: this is Gatecoin answer on twitter
“We apologise for the disruption experienced by some users accessing our website. We are looking into the cause and will update you all asap!”
Wasn’t it maintenance?
***UPDATE: from the Digix slack, devs&users seem confident this is nothing. Nobody heard anything from Gatecoin though. Last time I was able to connect to Gatecoin there were big BTC deposits sitting on the DGD books.
**UPDATE: something definitely not right
*UPDATE: we sent a tweet to @Gatecoin. Still no answer.
As I am writing this Gatecoin is offline.
It showed a maintenance page for 1 hour, then it shut down.
The maintenance page called for tweet updates that didn’t came.
This looks like a hack. As for now the hack is non confirmed, but by early indicators it seems likely.
Gatecoin managed 70% of DGD trading volumes.
This could have huge consequences over DGD price, since hackers are not known for their balanced selling strategy.
Let’s see what happens.
Stay tuned with the latest.