Crypto.com Admits Hackers Stole $34 Million From Users

A crypto exchange Crypto.com confirmed that hackers stole nearly $34 million during Monday’s hack.

In a Tuesday update, the exchange revealed that hackers stole 443.93 bitcoin ($18.7 million), 4835.25 ether ($15.2 million) and approximately $66,200 in USD.

The company faced criticism over its communication after the incident. The company’s CEO only confirmed the hack on Wednesday, three days after it took place.

In total, the hack affected 483 users. However, Crypto.com said that they fully reimbursed all of them.

The exact details of how the attack happened are still not public. However, the exchange did reveal that on Monday, at “approximately 12:46 AM UTC”, they detected strange activity in some of the accounts.

Specifically, they detected transactions that came through without users passing 2-factor authentication (2FA).

“This triggered multiple teams to assess the impact,” the exchange said. They also suspended all withdrawals during their investigation.

As a response, the exchange revoked all 2FA tokens. Unfortunately, that means that users will have to update their authentication tokens. Moreover, users will now have to enable 2FA to withdraw their funds.

On-chain data shows that hackers are currently laundering 4600 Ether on Tornado Cash and ETH mixer protocol. Criminals often use these mixers to erase their tracks on the blockchain.

New Security Measures

Kris Marszalek, the CEO of Crypto.com, said that the safety of their customers’ funds is their highest priority.

We are continually enhancing our Defence-in-Depth security and protection measures. While we are reminded of the existence of bad actors intent on committing fraud, this new Worldwide Account Protection Program, along with our new MFA infrastructure, gives our users unprecedented protection of their funds, and hopefully, peace of mind.

To prevent similar hacks in the future, the company came up with some updates to account security.

Firstly, the platform will notify users when their withdrawal addresses change. Users will also have to wait 24 hours before withdrawing crypto to newly added wallets.

Moreover, if another hack somewhat does happen, users will benefit from an additional layer of protection.

Namely, Crypto.com will start a “Worldwide Account Protection Program” (WAPP). The program will protect qualified users from hacks up to $250,000 in value.

Users will have to pass specific requirements to qualify for protection. For example, they will have to from 2-Factor Authentication to Multi-Factor Authentication. Moreover, they will have to set up an anti-phishing code and avoid using jailbroken devices.

In the event of a hack, they will have to file a police report and complete a forensic questionnaire.

Bitcoin live price
price change

Crypto.com made news last year after buying the naming rights to the Los Angeles Staples Arena. The stadium now goes by Crypto.com Arena. In addition, its massive marketing efforts briefly gave it the number one spot on the U.S. Google Play store.

Stay up to date with our latest articles