Crypto.com Refunds Users After 483 Accounts Were Hacked

  • According to the company, the hacker stole “4,836.26 ETH, 443.93 BTC and approximately US$66,200 in other currencies” from 483 accounts.
  • In order to prevent future attacks, Crypto.com has implemented a new layer of security called “Worldwide Account Protection Program (WAPP)”.
crypto.com tablet

Shutterstock

Popular crypto exchange Crypto.com suffered from a security breach on Monday, which saw 483 users loose around $34 million in digital assets, the company said in a blog post on 20 January.

According to the announcement, the hacker was able to take “4,836.26 ETH, 443.93 BTC and approximately US$66,200 in other currencies” from 483 Crypto.com customer accounts, with the total value of the stolen assets being around $34 million. The blog post also revealed that “there was no loss of customer funds” as all affected accounts have already been “fully reimbursed”. The chief information security officer of the exchange, Jason Lau, said in a statement:

“Crypto.com is a leader in security and compliance, including our recent SOC 2 announcement. While our goal is to prevent any security breaches, our industry leading insurance policy and Worldwide Account Protection Programs offer our customers additional protections in rare instances when there is an incident.”

On Monday, after reports of suspicious activities on customer accounts, Crypto.com decided to pause all withdrawals from the platform, which lasted for around 14 hours. The exchange quickly realized that a small number of transactions were being authorized without the two-factor authentication (2FA) being entered, which forced it to revoke all 2FA tokens. After this, customers were allowed to trade only after relogging and reactivating their 2F tokens.

In order to prevent future attacks, the exchange claims to have implemented a new layer of protection — called the “Worldwide Account Protection Program (WAPP)” — which will requires traders to whitelist a withdrawal address at least 24 hours before withdrawing funds. If a third party gains unauthorized access to these accounts, the exchange will be able to restore “up to USD$250,00” to qualified users.

Discussion
2 comments
Loading comments...
Related Coverage
KuCoin Twitter Account Hacked, Exchange to Reimburse Losses
  • The Twitter account of the crypto exchange was compromised for roughly 45 minutes on Monday, resulting in 22 transactions connected to the hack.
  • KuCoin has calculated that the total asset losses were 22,638 USDT, and noted that it will fully reimburse users affected in the incident.
April 24, 2023, 8:59 AM
kucoin

Shutterstock

BonqDAO Exploited for $90M
  • A hacker was able to manipulate the price of the AllianceBlock token on BonqDAO, which allowed him to drain close to $90 million worth of crypto from the protocol.
  • Both platforms have paused their services, and are currently in the process of removing liquidity as to hinder the hacker’s ability to convert the stolen tokens.
North Korean Hackers Move 41,000 ETH Stolen From Harmony
  • North Korea’s Lazarus Group has moved around $63.5 million of crypto assets connected to the Harmony bridge hack over the weekend.
  • The hackers tried to move a portion of the funds through Binance and Huobi, but the exchanges were able to freeze their account and recover around 124 BTC.