The Crypto.com saga of security breaches surfaced with an official statement issued by a cryptocurrency exchange in Singapore after withdrawals were halted after “suspicious activity” was discovered on user accounts.
In a statement on Thursday, Crypto.com said that “4,836.26 ETH, 443.93 BTC, and approximately $66,200 in other currencies” were taken from customer accounts without their permission. The total loss is currently estimated at $33.8 million at current market value.
After the security breach, many Crypto.com users complained that their funds had been stolen. However, the company’s previous response failed to allay concerns.
At around 12:46 UTC on Monday, Crypto.com’s risk control systems detected “unauthorized activity on a small number of user accounts” when transactions were approved without a user entering two-factor authentication (2FA), according to an official statement. document.
The exchange continued to halt withdrawals and cancel all 2FA client tokens, adding further security restrictions that require everyone to re-login and reactivate their 2FA token before only authorized actions are allowed, as explained in the statement. Mining infrastructure was down for 14 hours.
To prevent such an incident from happening again, Crypto.com claims to have implemented an extra layer of protection whereby a new whitelisted withdrawal address must be registered within 24 hours prior to the first withdrawal.
“Users will be notified when withdrawal addresses are added to give them sufficient time to respond and respond,” the statement said.
On Wednesday, Crypto.com CEO Chris Marsalek told Bloomberg that the exchange has not received any reports from regulators about the incident. He completed:
“Of course, this is a good lesson, and we are constantly working to strengthen our infrastructure.”
Related Topics: Secret Network Offers $400 Million Funding To Reveal Secrets To Others
According to PeckShield, more than $15 million in Ether (ETH) has been stolen. On Monday, the blockchain security company tweeted that about half of the funds were sent to Tornado Cash for “laundering.” Another analyst at blockchain computer firm OXT Research said the theft could cost the exchange $33 million in stolen assets.
