Crypto.com, the popular cryptocurrency exchange platform, halted all deposits and withdrawals on Monday, January 11, citing “unauthorized activity” on some accounts. It has, however, reinstated some accounts and withdrawal services, noting that the accounts are now safe.
News From Yesterday
According to security and data analytics firm PeckShield, Crypto.com has been the latest target of a cyberattack, with about $15 million worth of cryptocurrency stolen. At least 4,600 Ether has been taken from some of the exchange’s accounts.
Crypto.com issued a tweet informing users that a number of users have reported suspicious behavior on their accounts. Withdrawals will be temporarily halted as their staff investigates the situation. All of the monies are safe, according to the message.
We have a small number of users reporting suspicious activity on their accounts.
We will be pausing withdrawals shortly, as our team is investigating. All funds are safe.
— Crypto.com (@cryptocom) January 17, 2022
Dogecoin (DOGE) founder Billy Markus spotted a strange transaction pattern on Etherscan, leading the firm to suspend all transactions until it can figure out what’s wrong with their platform.
Several users reported on social media that their tens of thousands of dollars worth of digital assets had vanished from the exchange.
I really hope @cryptocom gets their shit together. Because a lot of theft is going on and if you check https://t.co/tO1rPRGTgC from the cryptocom wallet address. You’ll see a bunch of 2ETH to 5ETH transactions being sent to wallets with single transactions. How did it bypass 2FA?
— BEN BALLER™ (@BENBALLER) January 17, 2022
Ben Baller, a cryptocurrency enthusiast and jeweller, claimed that his account had been hacked and that he had lost 4.28 Ether (ETH) (about $15,000). He also said he used two-factor authentication, meaning that the suspected criminals had to get around some of Crypto.com’s security measures.
BTC/USD yet to break psychological barrier. Source: TradingView
Tornado Cash was used to move the funds, making it harder to track. Technical glitches on cryptocurrency trading platforms have been increasingly widespread in recent months. Even some of the most prominent crypto exchanges have experienced significant disruptions during peak period.
Related article | Sports NFT Marketplace Lympo Suffers An $18.7 Million Hack
Crypto.com Lost $15 Million To The Hack
Although Crypto.com claims that the accounts are safe, Peckshield, a blockchain security and data analytics firm, claims that the exchange has lost a whopping $15 million in the recent theft, or at least 4,600 ETH.
The @cryptocom loss is about $15M with at least 4.6K ETHs and half of them are currently being washed via @TornadoCash https://t.co/PUl6IrB3cp https://t.co/6SVKvk8PLf pic.twitter.com/XN9nmT857j
— PeckShield Inc. (@peckshield) January 18, 2022
CEO Kris Marszalek stated on Twitter that no customer funds had been lost. In reaction to the event, the Crypto.com team reinforced the exchange’s security infrastructure, he noted. The security incident is currently being investigated internally at the exchange.
Some thoughts from me on the last 24 hours:
– no customer funds were lost
– the downtime of withdrawal infra was ~14 hours
– our team has hardened the infrastructure in response to the incidentWe will share a full post mortem after the internal investigation is completed.
— Kris | Crypto.com (@Kris_HK) January 18, 2022
After hours of waiting, Crypto.com tweeted that security on all accounts is being increased out of an abundance of caution, asking users to sign in to their App & Exchange accounts and Reset their 2FA. They also stated that this update will be gradually given out to users over the next few hours. Withdrawals will be re-enabled once this process is completed. They stated that they recognize that this may be inconvenient for users, but that security comes first.
With over 10 million customers, Crypto.com is one of the most popular trading platforms in the United States. We’d like Crypto.com to provide us with more information about this.
Related article | Largest DeFi Hack Yet? BadgerDAO Hack Results In Loss Of $120M+