Hackers stole $34 million in funds from 483 Crypto.com users.
On Thursday, the cryptocurrency exchange published a blog post discussing the hack after users noticed suspicious activity on their accounts. According to Crypto.com, about $19 million in Bitcoin and another $15 million in Ethereum was drained during the breach.
The good news for affected users is that Crypto.com is covering any losses. “In the majority of cases we prevented the unauthorized withdrawal, and in all other cases customers were fully reimbursed,” the Singapore-based company said.
However, Crypto.com did not reveal how the hack occurred. The company’s blog post merely notes that its security systems first detected suspicious activity on Monday, when a “small number” of accounts began approving transactions without the two-factor authentication login from the user. With a two-factor authentication system, a user must input the correct password along with a one-time passcode that’s usually generated on the account holder’s smartphone.
The statement from Crypto.com suggests the hackers found a way to bypass the system, enabling them to log in and hijack user accounts, perhaps only with a password.
The suspicious activity prompted Crypto.com to immediately suspend all account withdrawals. In addition, “Crypto.com revoked all customer 2FA tokens, and added additional security hardening measures, which required all customers to re-login and set up their 2FA token to ensure only authorized activity would occur,” the company said.
Since then, Crypto.com has “revamped and migrated” the company’s IT infrastructure to a new two-authentication system. But over time, the company plans on phasing out the two-factor approach for “true Multi-Factor Authentication (MFA),” which will give users more options to secure their accounts.
The MFA system will also include the upcoming “Worldwide Account Protection Program,” which Crypto.com will roll out to eligible users on Feb. 1. The program’s main benefit is a restoration of funds up to US$250,000 for qualified users in the event an account hijacking occurs.
The Crypto.com breach occurs as cybercriminals have been preying on cryptocurrency users with the goal of looting their funds. Last year, a separate cryptocurrency exchange Coinbase also disclosed that hackers had broken into accounts belonging to at least 6,000 users. In response, Coinbase compensated the affected victims. But other Coinbase users tell PCMag the company never offered any reimbursements.