Crypto.com was hacked – here’s what you should know
The total losses amount to more than USD $30 million.
We found out on January 17th that Crypto.com had been hacked. Early reports stated that several users detected unauthorized withdrawals, which led the company to suspend their movements for 14 hours while investigating the problem.
Initially, it was reported that the hackers had stolen about 4,500 ETH from some accounts. However, the reality is that more than 444 BTC and other currencies were stolen from several platform users. The total losses amount to more than USD $30 million.
Nonetheless, the company had a rather suspicious attitude, and even though the founders returned all the money that was stolen, they didn’t quite admit that there had been a theft. It was called a “suspicious activity” and brushed off to not worry its users.
Moreover, everyone is amazed, as the thieves could breach the two-factor authentication implemented on the site which should be the most secure validation system.
It is also called 2FA. This cryptographic security system consists of a token that gets combined with a time value and generates a unique code that changes every certain amount of time. Nonetheless, some systems also send the code through email or SMS.
The user and the platform should be the only ones to have this code, and none of them can ever share the key with anyone else, as this could give anyone the power to create security codes and hack into the account.
It is known that what happened with Crypto.com was a flaw in the 2FA system, which caused the company to reset all its users’ keys. According to its CEO, Krist Marskalek, the infrastructure of the 2FA was completely changed after the hack took place.
Where Is the Money Now?
Even though only 1% of the platform’s accounts were hacked, USD $30 million is still a tremendous amount of money and can’t be brushed off as “an incident of suspicious activity” as the company wants to call it.
Hence, a Twitter user took the challenge to track the BTC blockchain and determine where the money is now. He discovered that 271 BTC were transferred to several addresses, while 173 BTC were yet to be spent.
This user demonstrated that one of the accounts was linked to the hacker group Lazarus Group, associated with the North Korean government.
All platform policies have changed since the theft, especially those that refer to the 2FA technology, which has been significantly improved to avoid any future hacks.
Moreover, some other measures were added. Now you can only use your withdrawal address 24 hours after adding it, and you’re going to receive an email to confirm this address.
However, the company is working to stop using 2FA and move towards MFA or multi-factor authentication, which is much more secure than the actual type of security used.
In addition, Crypto.com joined the Worldwide Account Protection Program, an insurance that covers up to USD $250,000 per account in case of hacking. Nonetheless, not all users qualify to have this insurance.
You should never forget that if you’re not the only person with access to your account, then those aren’t really your BTC. Even though the losses were covered, you don’t have any warranty that this is going to happen to you if you don’t protect your account.
The crypto world isn’t wholly different from the real financial world, as things like this can also happen. However, as technology advances, we become better at staying safe from hackers and people like this.
If you want to begin trading today, please go to https://bitcoin-storm.live/ and check out what we can do for you.