Hacken Detects Insider Role in Ripple’s $112.5M Hack

LUCKNOW (CoinChapter.com) — Cybersecurity firm Hacken fears that the recent Ripple hack, wherein the company’s co-founder lost 213 million XRP worth $112 million, was an insider job. Earlier, markets speculated the event as a typical cyber theft.

According to the firm’s report on Feb. 8, the hacker transferred the stolen fund across eight exchange addresses, including Binance, Kraken, and others. 

The attacker swiftly consolidated $70.9 million of the stolen XRP into a single wallet whose address started with “rHyqB.” This wallet address then laundered the funds through intermediaries before entering a Binance deposit account.

Evidence Presented by Hacken on Ripple Hack

Hacken’s investigation uncovered alarming connections between the hacked wallets and accounts linked to the company. The firm traced one of the intermediary wallets back to “rU1bPM4”. This wallet address has a history of $64.6 million XRP transactions with Larsen himself. This same suspect wallet also transferred a smaller sum of $37,500 directly to another wallet controlled by the attacker.   

Even more damning, “rU1bPM4” was involved in nearly $2 million of transfers to a Kraken address in 2020 — the same exchange later used by the hacker to cash out the stolen funds.

Hacken concludes this “rU1bPM4” wallet has a longstanding connection with XRP predating the hack. The overall analysis suggests that an insider with intimate knowledge of Ripple’s operations might be responsible for the hack.

However, Hacken has cautioned against drawing definitive conclusions at this early investigation stage. The findings have raised concerns, but the details and implications remain uncertain as the probe continues.

The revelations spark questions about security practices at Ripple. Binance’s involvement in freezing $4.2 million worth of the stolen assets also highlights the collaborative efforts within the community. Still, the potential inside links to the attack are troubling and underscore the ecosystem’s vulnerabilities, even among established organizations.

CEO Clash — Larsen and Garlinghouse Disagree on Ripple’s Wallet Security

Last week, Larsen confirmed that several of his personal XRP accounts were hacked. Law enforcement quickly acted, and exchanges were notified to freeze the affected addresses.

It’s suspected that hackers exploited the compromised private keys for theft. 

Larsen responded to the breach and reassured the community, stating:

This is an isolated incident, and Ripple wallets are secure/were never compromised. We’ve confirmed nearly all the affected funds were converted out of XRP.

On the other hand, Ripple CEO Brad Garlinghouse rebutted claims, indicating a security lapse within the firm’s managed wallets. He labeled the speculation “irresponsible” and clarified that no wallets were compromised.