January 21, 2022
Singapore-based platform Crypto.com said that the customer account breached, cryptocurrencies worth $34 million stolen, according to a statement released on 20th January 2022.
Here’s a breakdown of the story:
- On 17th January 2022, some users of the platform raised concerns regarding unauthorized crypto withdrawals on their accounts. This means that transactions were being authorized without the two-factor (2F) authentication control being entered by the user.
- At the same time, the platform halted withdrawals. In an interview with Bloomberg, Kris Marszalek, CEO of Crypto.com, said that the exchange was back online after 13-14 hours of downtime and that all impacted customers had been fully reimbursed with the stolen funds.
- After an internal investigation, it was found that a total of 483 accounts were compromised in the data breach. The unauthorized withdrawals totaled 4,836.26 Ethereum, 443.93 Bitcoin, and $66,200.
- The platform currently has over 10 million users and is implementing a new 2FA infrastructure with a mandatory 24-hour delay between registration of a new whitelisted withdrawal address and the first withdrawal.
- The company said that they would also implement the Worldwide Account Protection Program (WAPP) to protect user funds in the event that a third party gains unauthorized access to their account withdraws funds without the user’s permission.
- Crypto.com was the latest of many security breaches and disruptions that have exploited network vulnerabilities over the years.
About the author
Sharan Kaur Phillora’s thirst for knowledge has led her to study many different subjects, including NFTs and Blockchain technology – two emerging technologies that will change how we interact with each other in the future. When she isn’t exploring a new idea or concept, she enjoys reading literary masterpieces.