Crypto.com – considered the third-largest cryptocurrency exchange – has confirmed that it had suffered a cyberattack that compromised more than 400 of its customers’ accounts, leading to unauthorized withdrawals worth millions of dollars.
On its website, Crypto.com said that it first detected the breach on January 17, 2022. On that date, the exchange noticed "a small number of users had unauthorized crypto withdrawals on their accounts." The exchange then immediately suspended withdrawals for all tokens to launch an investigation into the matter, adding that it “worked around the clock to address the issue.”
Withdrawals on the website were disabled for roughly 14 hours following detection of the suspicious activity. Crypto.com also revoked two-factor authentication tokens for all its users, requiring them to log back in and set up new tokens as a precaution. The company also said that in most of the cases, it managed to prevent unauthorized withdrawals, while for others it chose to fully reimburse affected customers.
In an interview with Bloomberg, Crypto.com CEO Kris Marszalek acknowledged that around 483 customer accounts had been affected by the cyber incident. Security researchers had pegged the impact of the attack to be around US$15 million to US$33 million, but Marszalek commented that the numbers “aren’t particularly material,” and that “customer funds were never at risk.”
Marszalek also did not directly answer a question on the identity of the cyberattackers.
BleepingComputer managed to get a copy of a statement from Crypto.com which gave more details on the incident. Said statement puts the total amount of unauthorized withdrawals at around US$34 million. It was noted that the unauthorized withdrawals were for various cryptocurrencies. The cybersecurity news website also noted that it had previously reported on a technical glitch on Crypto.com, which led to duplicate purchases on the exchange.