Severity
High
Analysis Summary
Cybercriminals stole about $112 million worth of cryptocurrency, mostly Ripple XRP, from a personal crypto wallet of Chris Larsen, co-founder and executive chairman of Ripple.
Larsen confirmed that the cybercriminals gained unauthorized access only to his personal XRP accounts and that Ripple itself was not affected. The team identified the problem quickly and froze the affected wallet addresses, and law enforcement has been notified.

The crypto researcher who first discovered the breach also stated that the hackers tried to launder the stolen cryptocurrency through several exchanges and platforms, including Gate, MEXC, Binance, OKX, Kraken, HTX, and HitBTC. A Binance spokesperson said the company is actively supporting the investigation. Kraken stated that its incident response team proactively reviews open-source information to identify such incidents and that it will engage with the victims.
Interestingly, the owner of the compromised wallet has not been confirmed, and it may not be Ripple's wallet at all. On-chain data supports this: the hacked wallet was activated by a separate wallet on November 5, 2018, and that wallet was in turn activated by Larsen's account on February 6, 2013, almost one month after his account was created. (On the XRP Ledger a new account only comes into existence when an existing account funds it, so the chain of activations shows how a wallet is linked to Larsen's account.) When the researchers shared this with Ripple, the company's spokesperson said that Ripple was not impacted.
Whatever the case may be, this incident is so far the largest cryptocurrency theft of 2024 and the twentieth largest cryptocurrency theft in recorded history. Last year, cybercriminals stole around $2 billion in cryptocurrency.
Impact
- Cryptocurrency Theft
- Financial Loss
Remediation
- Cryptocurrency companies should bolster their overall security posture by implementing advanced security measures, including multi-factor authentication (MFA), strong access controls, and encryption.
- Exercise caution when clicking cryptocurrency-related ads.
- Be vigilant and thoroughly research platforms before connecting cryptocurrency wallets.
- Conduct regular security audits and vulnerability assessments to identify and remediate potential weaknesses within cryptocurrency platforms and wallets.
- Educate users about security best practices, including how to recognize phishing attempts, safeguard private keys, and enable strong authentication methods.
- Perform red team exercises to simulate attacks and identify vulnerabilities.
- Deploy advanced threat detection tools that monitor for anomalous activities and unauthorized access attempts on cryptocurrency platforms.
- Implement network segmentation to contain and isolate potential threats to limit their impact on critical systems.
- Never trust or open links and attachments received from unknown sources/senders.
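Two points in this alert lend themselves to a worked example: the activation-chain reasoning used to link the compromised wallet back to Larsen's account, and the recommendation to monitor wallets for anomalous activity. The following Python is an added example, not code from Rewterz or from Ripple, and it runs over a constructed, in-memory set of payments rather than the real XRP Ledger. Every address (for example `rWatchedWalletPlaceholder`) is a placeholder, `ledger_index` stands in for ledger ordering, and the thresholds are assumptions a defender would tune to the wallet's actual history.

```python
"""Wallet monitoring helpers: activation-chain tracing plus a baseline-deviation
detector for outbound transfers. Added example with constructed data; addresses
and ledger indices are placeholders, not real XRP Ledger values."""
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class Payment:
    ledger_index: int      # hypothetical ledger sequence number (ordering only)
    source: str
    destination: str
    amount_xrp: float


WATCHED = "rWatchedWalletPlaceholder"   # placeholder address under monitoring

# Constructed activation history: each account is funded by an existing one.
ACTIVATION = [
    Payment(1, "rGenesisLike", "rFounder", 100.0),
    Payment(2, "rFounder", "rIntermediate", 20.0),
    Payment(3, "rIntermediate", WATCHED, 20.0),
]

# Constructed baseline: modest outbound payments to a couple of known venues.
HISTORY = [
    Payment(100, WATCHED, "rExchangeA", 500.0),
    Payment(200, WATCHED, "rExchangeA", 1200.0),
    Payment(300, WATCHED, "rExchangeB", 800.0),
    Payment(400, WATCHED, "rExchangeA", 950.0),
    Payment(500, WATCHED, "rExchangeB", 600.0),
]

# Constructed new activity: one normal payment, then a burst of very large
# transfers to never-seen destinations, plus an inbound payment to ignore.
NEW_ACTIVITY = [
    Payment(600, WATCHED, "rExchangeA", 700.0),
    Payment(601, WATCHED, "rNeverSeenBefore1", 1_500_000.0),
    Payment(602, WATCHED, "rNeverSeenBefore2", 900_000.0),
    Payment(603, "rSomeoneElse", WATCHED, 50.0),
]

LEDGER = ACTIVATION + HISTORY + NEW_ACTIVITY


def activator(txs, wallet):
    """Return the account that funded `wallet`: the source of its earliest inbound
    payment. On the XRP Ledger an account exists only once an existing account
    funds it, so the first inbound payment identifies the activating account."""
    inbound = sorted((t for t in txs if t.destination == wallet),
                     key=lambda t: t.ledger_index)
    return inbound[0].source if inbound else None


def activation_chain(txs, wallet, max_depth=10):
    """Walk funding relationships upward from `wallet` until no activator is
    found, a loop is detected, or max_depth is reached."""
    chain = [wallet]
    current = wallet
    for _ in range(max_depth):
        parent = activator(txs, current)
        if parent is None or parent in chain:
            break
        chain.append(parent)
        current = parent
    return chain


def outbound(txs, wallet):
    return [t for t in txs if t.source == wallet]


def flag_anomalies(history, new, wallet, size_factor=10.0,
                   burst_window=5, burst_count=2):
    """Flag outbound payments that deviate from the wallet's own baseline:
    - amount at least size_factor x the historical median outbound amount,
    - destination never paid before,
    - two or more oversized transfers within burst_window ledger indices.
    Returns (ledger_index, destination, [reasons]) tuples."""
    base = outbound(history, wallet)
    baseline = median(t.amount_xrp for t in base)
    known_destinations = {t.destination for t in base}
    big = lambda t: t.amount_xrp >= size_factor * baseline
    findings, recent = [], []
    for t in outbound(new, wallet):
        reasons = []
        if big(t):
            reasons.append("amount_exceeds_baseline")
        if t.destination not in known_destinations:
            reasons.append("first_seen_destination")
        recent = [r for r in recent
                  if t.ledger_index - r.ledger_index <= burst_window] + [t]
        if sum(1 for r in recent if big(r)) >= burst_count:
            reasons.append("large_transfer_burst")
        if reasons:
            findings.append((t.ledger_index, t.destination, reasons))
    return findings


if __name__ == "__main__":
    print("activation chain:", " <- ".join(activation_chain(LEDGER, WATCHED)))
    for finding in flag_anomalies(HISTORY, NEW_ACTIVITY, WATCHED):
        print("ALERT", finding)
```

With the constructed data the median historical outbound payment is 800 XRP, so anything at or above 8,000 XRP is oversized; the first large transfer is flagged for size and a new destination, and the second one additionally trips the burst rule, which is the kind of signal that lets a team freeze or escalate before the rest of a balance is drained. In practice the baseline would be recomputed from the wallet's real ledger history and the detector fed from a ledger data feed rather than an in-memory list.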