The Crypto.com security breach saga gets clarity with an official statement from the Singapore-based crypto exchange following a halt on withdrawals after detecting “suspicious activities” in user accounts.
In a statement on Thursday, Crypto.com revealed that “4,836.26 ETH, 443.93 BTC and approximately US$66,200 in other currencies” h been taken from clients’ accounts without their permission. The overall loss is presently valued at around $33.8 million, per the current market value.
Following a security breach, several Crypto.com users have me complaints that their money h been stolen. However, the company’s previous responses h failed to quell concerns.
Following the 17th of Jan security incident, we are sharing our findings below, together with enhancements we’ve me to our security infrastructure and the introduction of the Worldwide Account Protection Program. https://t.co/6q86r0o59V pic.twitter.com/ER7DkBoX1Z
— Crypto.com (@cryptocom) January 20, 2022
On Monday, at around 12:46 am UTC, Crypto.com’s risk monitoring systems detected “unauthorized activity on a small number of user accounts” where transactions were being authorized without the two-factor authentication (2FA) control being entered by the user, according to the official document.
The exchange proceeded by halting withdrawals and revoking all customer 2FA tokens, ding even more security-hardening measures that required everyone to relog in and reactivate their 2FA token before allowing only authorized action, as detailed in the statement. The withdrawal infrastructure was down for a total of 14 hours.
To safeguard against such an accident happening again, Crypto.com claims to have implemented an ditional layer of protection in which a new whitelisted withdrawal dress must be registered within 24 hours before the first withdrawal.
“Users will receive notifications that withdrawal dresses have been ded, to give them equate time to react and respond,” the statement res.
On Wednesday, Kris Marszalek, CEO of Crypto.com, told Bloomberg that the exchange has not received any communication from regulators about the event. He went on to say:
“Obviously, it’s a great lesson, and we are continuously strengthening our infrastructure.”
Related: Secret Network offers $400M in funding to bring others in on the secret
According to PeckShield, over $15 million worth of Ether (ETH) has been stolen. On Monday, the blockchain security firm tweeted that roughly half of the funds h been sent to Torno Cash “to be washed.” Another analyst from blockchain data firm OXT Research stated that the heist may have cost the exchange $33 million in stolen assets.
META ARTICLE: Crypto.com shares details on security breach: 483 accounts compromised PUBLISHED: 2022-01-20 09:47:06 SOURCE: https://cointelegraph.com/news/crypto-com-finally-speaks-out-483-user-accounts-compromised