On 17 January, the cryptocurrency platform Crypto.com suspended withdrawals due to ‘suspicious activity’ on user accounts. The company said customers’ funds were safe, but PeckShield analysts say the incident was a hacking attack in which more than $15 million was stolen.
The @cryptocom loss is about $15M with at least 4.6K ETHs and half of them are currently being washed via @TornadoCash https://t.co/PUl6IrB3cp https://t.co/6SVKvk8PLf pic.twitter.com/XN9nmT857j
— PeckShield Inc. (@peckshield) January 18, 2022
“Several users reported suspicious activity on their accounts; in the near future we will suspend withdrawals, as our team conducts an investigation. All funds are safe,” Crypto.com wrote.
A few hours later, users were asked to log back into their accounts and reset their two-factor authentication (2FA).
Around 19:00 MSK, Crypto.com’s chief executive Kris Marszalek said that technical specialists were conducting final checks; the withdrawal function was restored about an hour and a half later.
According to Marszalek, the downtime lasted roughly 14 hours. The CEO stressed that customer funds were not lost, and the team had taken steps to bolster the infrastructure.
Some thoughts from me on the last 24 hours:
— no customer funds were lost
— the downtime of withdrawal infra was ~14 hours
— our team has hardened the infrastructure in response to the incident
We will share a full post mortem after the internal investigation is completed.
— Kris | Crypto.com (@Kris_HK) January 18, 2022
Nevertheless, PeckShield specialists say hackers withdrew 4,600 ETH (about $15.05 million at the current rate). At the time of writing, the address that Etherscan labelled as belonging to the attacker holds 1.17 ETH; the remainder of the assets has been sent to the Tornado Cash mixer.
CertiK also reported a Crypto.com breach. The startup’s analysts claim that more than 282 users were affected — 4,836 ETH were withdrawn from their accounts (~$15.82 million).
#SkyTrace Analysis
Using SkyTrace, we can see that the hacker is moving the stolen funds to Tornado Cash
Check it out yourself using this link 👇https://t.co/hgWz2TU0NA pic.twitter.com/1pO9NuakRN
— CertiK Security Leaderboard (@certikorg) January 18, 2022
Users also reported losses; one user allegedly had more than 17 ETH stolen.
My wife had 17.43 ETH wiped within minutes without her authorization. She has 2FA. She is in panic mode. We tried contacting the chat but no help.
— Yugesh Bhattarai (@yougesify) January 17, 2022
Earlier, Crypto.com announced an increase in the insured coverage for user assets to $750 million. The program is implemented in partnership with Arch Underwriting — a Lloyd’s market participant.
Back in January 2022, hackers drained assets worth $18.2 million from the hot wallets of the sports NFT platform Lympo.
