Is the Crypto.com “unauthorized activity” event bigger than first thought?
There are conflicting reports regarding the loss of user funds. More will be known as internal investigations conclude.
Crypto.com CEO Kris Marszalek plays down Monday’s “unauthorized activity” event, saying more information will come following the results of an internal investigation.
Some users reported suspicious account activity in the days preceding, leading to the exchange suspending withdrawals. According to Bloomberg, tens of thousands of dollars were lost from Crypto.com accounts as a result.
However, in giving an update, Marszalek says no user funds were lost.
Conflicting reports of losses
As the event unfolded, Crypto.com tweeted a brief explanation of what was happening, along with a notice on withdrawal suspension. The tweet also assured users that all funds are safe.
We have a small number of users reporting suspicious activity on their accounts.
We will be pausing withdrawals shortly, as our team is investigating. All funds are safe.
— Crypto.com (@cryptocom) January 17, 2022
Crypto.com operates with a $750 million insurance policy. However, the specifics of the policy, such as clauses, are not detailed by the firm.
Replying to the above tweet, influencer Ben Baller expressed frustration over his poor customer service experience after reporting stolen funds amounting to approximately $13,500. Baller asked how the perpetrators were able to bypass two-factor authentication.
“I messaged yah guys hours ago about my account having 4.28ETH stolen out of nowhere and I’m also wondering how they got past the 2FA?”
This reply was followed by others saying they, too, had lost funds. One user claims to have lost 1.2 BTC ($36,700) over four separate unauthorized withdrawals.
Blockchain security firm Peckshield weighed in with a bombshell claim that losses far exceed those initially reported by Bloomberg.
According to Peckshield, the hack comes in at $15 million. Their tweet shows address analysis of stolen ETH being sent to Tornado Cash addresses.
The @cryptocom loss is about $15M with at least 4.6K ETHs and half of them are currently being washed via @TornadoCash https://t.co/PUl6IrB3cp https://t.co/6SVKvk8PLf pic.twitter.com/XN9nmT857j
— PeckShield Inc. (@peckshield) January 18, 2022
Using mixer protocols, like Tornado Cash, hackers can obscure the on-chain “paper trail” linking the source address and destination address, thus laundering the stolen funds.
Crypto.com boss thanks the community for its support
Responding to the incident today, Marszalek said no customer funds were lost, withdrawals were reinstated within 14 hours, and they have upped security in response. He also said he would give more information once the investigations are finished.
Some thoughts from me on the last 24 hours:
– no customer funds were lost
– the downtime of withdrawal infra was ~14 hours
– our team has hardened the infrastructure in response to the incident
We will share a full post mortem after the internal investigation is completed.
— Kris | Crypto.com (@Kris_HK) January 18, 2022
Hours later, Marszalek put out another tweet conveying thanks for the support and spinning the incident as an opportunity to improve Crypto.com’s security procedures.
“I’m particularly happy with two things:
– the support we received from the community both publicly and in DMs
– the opportunity this incident gave us to further strengthen our setup
We learn, we improve, we move forward undeterred.”
Whenever high-profile exchange hacks occur, crypto users are reminded of the third-party risk involved when dealing with centralized exchanges.
We await the results of the investigation.