Crypto.com, an international exchange which rose to prominence thanks to its deals with famous sports teams, was recently attacked by hackers. While the accounts of hundreds of Crypto.com users were compromised, the security breach also cost the company $15 million (roughly Rs. 110 crore) in Ether tokens that have been stolen. Crypto.com CEO Kris Marszalek confirmed the attack while claiming that “no customer funds were lost” in this hack attack. In a Twitter thread, Marszalek has shared a summary of how events transpired.
“The downtime of withdrawal infra was 14 hours. Our team has hardened the infrastructure in response to the incident,” Marszalek tweeted.
Some thoughts from me on the last 24 hours:
– no customer funds were lost
– the downtime of withdrawal infra was ~14 hours
– our team has hardened the infrastructure in response to the incident
We will share a full post mortem after the internal investigation is completed.
— Kris | Crypto.com (@Kris_HK) January 18, 2022
Security firm PeckShield had also been tracking the developments that followed the Crypto.com hack.
In a tweet, PeckShield said that the stolen Ether tokens were being laundered to undisclosed wallets via cryptocurrency privacy tool named Tornado Cash.
Tools like Tornado Cash can hide the final destination of Ether tokens being sent into it. By doing this, the hacker wants to ensure that the amount stolen from Crypto.com doesn’t get traced back by any means.
After the breach was detected, the Hong Kong-based exchange had halted all withdrawal transactions for the time being. An investigation has been launched into the case. Details on how the hack could have happened also remain unearthed.
Marszalek, meanwhile, expressed gratitude to people for their support.
“I’m particularly happy with two things: the support we received from the community both publicly and in DMs — the opportunity this incident gave us to further strengthen our setup. We learn, we improve, we move forward undeterred,” he tweeted.
As of February 2021, Crypto.com claimed to have over 10 million users.
Last year, the company renamed the Los Angeles Lakers’ stadium — formerly known as the Staples Center — to the Crypto.com Arena as part of its advertisement campaign. The deal was worth $700 million (roughly Rs. 5,205 crore).
This hack on the platform comes just days after Crypto.com decided to expand the size of its investment arm called Crypto.com Capital to $500 million (roughly Rs. 3,720 crore) aiming to help fund Web3 startups.
Cyber criminals have begun to target crypto investors and platforms in increasing numbers given the ongoing expansion of the crypto space.
In a hack attack last December, cryptocurrency exchange Bitmart lost nearly $200 million (roughly Rs. 1,480 crore) stored in various cryptocurrencies.