Crypto.com Finally Admits $ 34 Million Stolen Hijackers

teky (54)in Project HOPE • 3 years ago

The hackers are currently trying to steal the stolen money through crypto "mixer" applications.

Crypto.com trading platform lost nearly $ 34 million in crypto money on burglary on Monday, according to a new blog post by a company published overnight.

The company had previously declined to comment further on the robbery, forcing users to stop withdrawing most of the day, and reassuring customers that they would not lose money.

Image source

The hackers made 4,836.26 ethereum, 443.93 bitcoin, and about $ 66,200 in other cryptocurrencies from 483 direct users, according to the company. Crypto.com, with about 10 million users, suspended all withdrawals on Monday for almost 14 hours after a "suspicious activity" was discovered and forced all users to reset their two-factor authentication methods.

The acquired ethereum cost about $ 15.3 million and bitcoin cost $ 18.6 million at today's exchange rate, bringing in about $ 34 million in lost revenue. But Crypto.com is quick to note that no users have lost money because the company has deposited their accounts.

“All withdrawals from the platform were suspended during the investigation. Any accounts found to be affected have been fully restored, ”Crypto.com said in a statement.

The hackers were able to access the accounts without the need for two-factor authentication, although it is not clear how they removed it. Crypto.com has restructured its two-factor authentication system and introduced a 24-hour delay for whitelisted withdrawal addresses, according to a corporate autopsy.

Unidentified hackers are currently trying to steal their stolen crypto using cryptocurrencies, as Gizmodo reported yesterday. Ethereum is washed with an app called Tornado Cash, which charges itself as a privacy tool. Bitcoin seems to be washed away by an anonymous mix of bitcoin, sometimes known as a tumbler or chain.

Crypto.com also announced the launch of an insurance scheme called the Worldwide Account Protection Program. But this is not the same as "WAPP" you may be familiar with. This program allows trained users to reclaim up to $ 250,000 if their accounts are stolen.

What does it mean to be worthy? According to the company, users should first:

Enable Multi-Factor Authentication (MFA) for all types of activities where MFA is currently available,
Set code against theft of sensitive information at least 21 days prior to reported unauthorized activity,
Do not use jailbroken devices,
Submit a police report and provide a copy of it to Crypto.com
Complete a list of questions to support the forensic investigation.

Sounds like any future robbery will not be included worldwide, as Crypto.com did in Monday's crackdown. "Crypto.com has been a leader in the security and compliance and including our recent announcement of SOC 2," Jason Lau, Chief Information Security Officer for Crypto.com, said in a statement published online.