With a formal statement from the Singapore-based crypto exchange announcing a block on withdrawals after discovering “strange actions” in user accounts, the Crypto.com security breach narrative gains clarity.
Crypto.com announced on Thursday that “4,836.26 ETH, 443.93 BTC, and about US$66,200 in other currencies” had been taken without permission from clients’ accounts. According to the current market value, the total loss is estimated to be roughly $33.8 million.
Several Crypto.com users have complained that their money has been taken as a result of a security vulnerability. The company’s past comments, however, have failed to allay fears.
Following the 17th of Jan security incident, we are sharing our findings below, together with enhancements we’ve made to our security infrastructure and the introduction of the Worldwide Account Protection Program. https://t.co/6q86r0o59V pic.twitter.com/ER7DkBoX1Z
— Crypto.com (@cryptocom) January 20, 2022
According to the official statement, Crypto.com’s risk monitoring systems discovered “unauthorized activity on a small number of user accounts” on Jan. 17, 2022, around 12:46 AM UTC, where transactions were authorized without the user entering the 2FA authentication control.
As mentioned in the announcement, the exchange halted withdrawals and revoked all client 2FA tokens, as well as installing even more security hardening measures that required everyone to re-login and reactivate their 2FA token before enabling only approved action. For a total of 14 hours, the withdrawal infrastructure was unavailable.
To prevent such an occurrence in the future, Crypto.com claims to have added an extra layer of safety, requiring a new whitelisted withdrawal address to be registered within 24 hours of the first withdrawal.
“Users will receive notifications that withdrawal addresses have been added, to give them adequate time to react and respond,” the statement reads.
According to Bloomberg, Crypto.com CEO Kris Marszalek stated on Wednesday that the exchange has not received any communication from regulators regarding the incident. He went on to remark:
“Obviously, it’s a great lesson, and we are continuously strengthening our infrastructure.”
Over $15 million in ETH has been stolen, according to PeckShield. Half of the cash had been delivered to Tornado Cash “to be cleansed,” according to the blockchain security firm’s tweet on Monday. The heist could have cost the exchange $33 million in stolen funds, according to another researcher from blockchain data firm OXT Research.
Subscribe to our newsletter and never miss an update on the latest tech, gaming, startup, how to guide, deals and more.
Reach our audience with your advertisements
Advertising on TechGenyz delivers results. Build your brand, increase website traffic, generate qualified leads, and drive action with our audience. Select the perfect advertising solutions for your brand.
Recent Post
Raid Medals Can Now Be Traded in Clash of Clans
- May 18, 2022
Most Popular
4 Advanced SEO Techniques to Follow in 2022
- May 18, 2022
More Stories
Grow Your Business
All Rights Reserved © 2017 - 2022