Skip to main content

2FA compromise led to $34M Crypto.com hack

posted onJanuary 20, 2022
by l33tdawg
Tech Crunch
Credit: Tech Crunch

Crypto.com shared new details about a recent hack on its platform last weekend in a statement on its website today, saying 483 of its users were affected and that unauthorized withdrawals of over $15 million worth of ETH, $19 million worth of BTC and $66,200 in “other currencies” occurred. The total losses, worth over $34 million at current cryptocurrency values, are even higher than what analysts had predicted before Crypto.com released its statement.

The company’s post-mortem comes just one day after CEO Kris Marszalek acknowledged the breach in an interview with Bloomberg TV. His confirmation of the breach came after multiple Crypto.com users alleged their funds had been stolen — complaints that had until then been met with vague responses from the company, referring only to an “incident.” Marszalek did not share details on how the breach occurred during the interview, though he did confirm that Crypto.com had reimbursed all the impacted accounts.

Today’s statement said Crypto.com detected the suspicious activity on Monday where “transactions were being approved without the 2FA authentication control being inputted by the user.” The site suspended all withdrawals for 14 hours to investigate the issue. Crypto.com did not say how the attacker was able to approve transactions without triggering 2FA, which is mandatory for all users. When TechCrunch reached out for more details, the company declined to comment on the breach outside of the statement issued today.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th