The well-known cryptocurrency exchange Crypto.com was reported to be under cyber attack on January 17, but the exchange did not disclose details of the attack until now. During the attack, hackers quickly stole 4,836.26 Ethereum and 443.93 Bitcoin, or about $30 million in cryptocurrency at current exchange rates.
A total of 483 investors were affected. Crypto.com issued a statement saying that all affected customers have been fully compensated and that the vulnerability has been fixed. The exchange has not yet disclosed the cause of the attack, details of the vulnerability, the potential attackers, or other information, and security experts may still need to investigate and trace the source.
For asset security reasons, all cryptocurrency exchanges currently use multi-factor authentication, and multi-factor authentication during transactions is basically mandatory. In theory, therefore, even if a user's account password is leaked, the assets cannot be transferred out directly; yet in this incident at Crypto.com the assets were transferred out. Specifically, the 483 affected investors had all configured multi-factor authentication, but the hackers used the vulnerability to bypass the authentication when conducting transactions and successfully withdrew assets. After the attack, Crypto.com also found that its security system had flagged an anomaly: some users completed withdrawals without completing the authentication, which triggered an alarm.
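The alarm condition described above (a withdrawal that completes without a completed authentication) can be expressed as a correlation over audit events. The following is an added example, not Crypto.com's detection logic or code from the original article; the log format, field names, sample events and the 5-minute validity window are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

MFA_VALIDITY = timedelta(minutes=5)  # assumed policy: approval must be recent

# Constructed events; the key=value format and field names are assumptions.
SAMPLE_LOG = """\
2000-01-01T00:40:02Z user=u1 event=withdrawal_requested wid=w1
2000-01-01T00:40:20Z user=u1 event=mfa_verified wid=w1
2000-01-01T00:40:25Z user=u1 event=withdrawal_completed wid=w1
2000-01-01T00:41:00Z user=u2 event=withdrawal_requested wid=w2
2000-01-01T00:41:03Z user=u2 event=withdrawal_completed wid=w2
2000-01-01T00:42:05Z user=u3 event=withdrawal_completed wid=w3
2000-01-01T00:42:09Z user=u3 event=mfa_verified wid=w3
2000-01-01T00:43:00Z user=u9 event=mfa_verified wid=w4
2000-01-01T00:43:10Z user=u4 event=withdrawal_completed wid=w4
2000-01-01T00:10:00Z user=u5 event=mfa_verified wid=w5
2000-01-01T00:44:00Z user=u5 event=withdrawal_completed wid=w5
"""

def parse(line):
    """Split one log line into (timestamp, fields dict)."""
    ts, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), fields

def unauthenticated_withdrawals(log_text):
    """Return (wid, user, reason) for completed withdrawals lacking valid MFA."""
    events = sorted((parse(l) for l in log_text.splitlines() if l.strip()),
                    key=lambda e: e[0])
    verified = {}   # (user, wid) -> time of latest MFA approval seen so far
    alerts = []
    for ts, f in events:
        key = (f["user"], f["wid"])
        if f["event"] == "mfa_verified":
            verified[key] = ts
        elif f["event"] == "withdrawal_completed":
            approved_at = verified.get(key)
            if approved_at is None:
                alerts.append((f["wid"], f["user"], "no_mfa_before_completion"))
            elif ts - approved_at > MFA_VALIDITY:
                alerts.append((f["wid"], f["user"], "mfa_expired"))
    return alerts

if __name__ == "__main__":
    for alert in unauthenticated_withdrawals(SAMPLE_LOG):
        print("ALERT", *alert)
```

The check binds each approval to the same user and the same withdrawal, so an approval that arrives after completion, belongs to another account, or is stale does not count.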
Although its security team responded in a timely manner, many users' assets had already been stolen, and the exchange admits that the issue has nothing to do with users. After its investigation, therefore, the stolen funds were restored to all affected users, and the exchange has switched to a new security system that requires users to re-bind.
However, Crypto.com's announcement did not say that account passwords had been leaked. It said only that the multi-factor authentication system had flaws and was bypassed by hackers before the withdrawals occurred. As a security measure, the exchange has disabled the old authentication system, and all current users must re-bind multi-factor authentication before they can continue to withdraw.