Editor’s take: One of the world’s largest crypto exchanges has apparently suffered a security breach in which an estimated 4,600 Ethereum tokens valued at more than $14 million were stolen. That’s no small amount of money, but things could have been much worse had the incident lasted longer.
One of the world’s largest crypto exchanges has apparently suffered a security breach in which an estimated 4,600 Ethereum tokens valued at more than $14 million were stolen.
Crypto.com on Twitter said a small number of users experienced unauthorized activity in their accounts. The exchange added that all funds are safe, but out of an abundance of caution, they are requiring everyone to sign back into their accounts and reset their two-factor authentication.
Blockchain security and data analytics company PeckShield said at least 4,600 ETH coins were stolen, noting that half of them were being washed via Tornado Cash, a mixing service that makes crypto harder to trace. PeckShield told Decrypt it believes the true scale of the hack is “definitely worse.”
Some thoughts from me on the last 24 hours:
– no customer funds were lost
– the downtime of withdrawal infra was ~14 hours
– our team has hardened the infrastructure in response to the incident
We will share a full post mortem after the internal investigation is completed.
— Kris | Crypto.com (@Kris_HK) January 18, 2022
Crypto.com CEO Kris Marszalek chimed in hours later, reiterating that no customer funds were lost. He said downtime on the withdrawal system was around 14 hours, adding that his team has hardened the infrastructure in response to the incident.
Looking at feedback on Twitter, it seems Crypto.com resolved the matter for some but not all users.
Crypto.com has quickly become one of the most recognized names in cryptocurrency thanks to a heavy marketing push. In July 2021, the company partnered with the Ultimate Fighting Championship to become their fight kit branding partner. The exchange in November purchased the naming rights to the Staples Center in Los Angeles. It’ll be known as the Crypto.com Arena for the next 20 years.
Image credit: David McBee