Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News

$33.8 Million Stolen From Crypto.com Over Security Breach on Monday

Yusuf Balogun
Yusuf Balogun
Yusuf is a law graduate and freelance journalist with a keen interest in tech reporting.

Join the Opinion Leaders Network

Join the Techgenyz Opinion Leaders Network today and become part of a vibrant community of change-makers. Together, we can create a brighter future by shaping opinions, driving conversations, and transforming ideas into reality.

With a formal statement from the Singapore-based crypto exchange announcing a block on withdrawals after discovering “strange actions” in user accounts, the Crypto.com security breach narrative gains clarity.

Crypto.com announced on Thursday that “4,836.26 ETH, 443.93 BTC, and about US$66,200 in other currencies” had been taken without permission from clients’ accounts. According to the current market value, the total loss is estimated to be roughly $33.8 million.

Several Crypto.com users have complained that their money has been taken as a result of a security vulnerability. The company’s past comments, however, have failed to allay fears.

According to the official statement, Crypto.com’s risk monitoring systems discovered “unauthorized activity on a small number of user accounts” on Jan. 17, 2022, around 12:46 AM UTC, where transactions were authorized without the user entering the 2FA authentication control.

As mentioned in the announcement, the exchange halted withdrawals and revoked all client 2FA tokens, as well as installed even more security hardening measures that required everyone to re-login and reactivate their 2FA token before enabling only approved action. For a total of 14 hours, the withdrawal infrastructure was unavailable.

To prevent such an occurrence in the future, Crypto.com claims to have added an extra layer of safety, requiring a new whitelisted withdrawal address to be registered within 24 hours of the first withdrawal.

“Users will receive notifications that withdrawal addresses have been added, to give them adequate time to react and respond,” the statement reads.

According to Bloomberg, Crypto.com CEO Kris Marszalek stated on Wednesday that the exchange has not received any communication from regulators regarding the incident. He went on to remark:

“Obviously, it’s a great lesson, and we are continuously strengthening our infrastructure.”

Over $15 million in ETH has been stolen, according to PeckShield. Half of the cash had been delivered to Tornado Cash “to be cleansed,” according to the blockchain security firm’s tweet on Monday. The heist could have cost the exchange $33 million in stolen funds, according to another researcher from blockchain data firm OXT Research.

Join 10,000+ Fellow Readers

Get Techgenyz’s roundup delivered to your inbox curated with the most important for you that keeps you updated about the future tech, mobile, space, gaming, business and more.


Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Power Your Business

Solutions you need to super charge your business and drive growth

More from this topic