A hacker exploit has cost Crypto.com $15 million in Ethereum (ETH) at least, with security experts estimating that the total losses might be far greater.
Having endured a hacker attack, Crypto.com has reportedly lost $15 million in Ethereum (ETH), with true losses yet to be revealed. Crypto.com has not disclosed any information in relation to the reports.
Crypto.com, based in Singapore, had recently paid a tidy sum of $700 for acquiring the Staples Center naming rights.
Yesterday, an announcement via Twitter was made by Crypto.com in relation to the unauthorized activity going on in the accounts of some users and confirming that the funds are secure.
Crypto.com implored users to sign in and do a reset on the two-factor authentication (2FA) for the purpose of security enhancement.
Earlier today a small number of users experienced unauthorized activity in their accounts. All funds are safe.
In an abundance of caution, security on all accounts is being enhanced, requiring users to:
-Sign back into their App & Exchange accounts
-Reset their 2FA
— Crypto.com (@cryptocom) January 17, 2022
Crypto.com revealed that the withdrawals resumed on Monday at 17:42 UTC, even though there were multiple complaints from users about missing funds from their account, as well as a report from Billy Markus, co-founder of Dogecoin (DOGE) stating that there is some weird activity going on in one of the Ethereum (ETH) wallets of the exchange.
The situation worsened after Peckshield, the security research company tweeted on early Tuesday morning that Crypto.com had lost at the very least $15 million equivalent to 4,600 Ethereum (ETH), half of them being sent to Tornado Cash. The damages could be even worse than this.
— PeckShield Inc. (@peckshield) January 18, 2022
After a couple of hours, Kris Marszalek, Crypto.com CEO took to Twitter to reveal that users had not lost their funds and the infrastructure of the exchange has been secured further after the hack. The CEO said that more will be revealed once the investigation by the exchange is finished.
Some thoughts from me on the last 24 hours:
– no customer funds were lost
– the downtime of withdrawal infra was ~14 hours
– our team has hardened the infrastructure in response to the incident
We will share a full post mortem after the internal investigation is completed.
— Kris | Crypto.com (@Kris_HK) January 18, 2022
Users also reported that their accounts have regained the missing funds.