Popular crypto trading platform Crypto.com fell victim to a hack earlier this week. The company initially reported the hack through Twitter on January 17.
It has now come out with a report explaining what happened and how the hackers made off with more than $34 million dollars in cryptocurrency.
After Monday’s tweet, Crypto.com took some time to investigate the incident before releasing its findings earlier today. The company said that it initially discovered the issue after it noticed a small number of accounts (483, to be exact) were somehow approving transactions without requiring the 2FA authentication from the account user.
After discovering the issue, Crypto.com halted all withdrawals and revoked all 2FA tokens. The company then “migrated to a completely new 2FA infrastructure” before resuming withdrawals 14 hours later.
Earlier today a small number of users experienced unauthorized activity in their accounts. All funds are safe.
In an abundance of caution, security on all accounts is being enhanced, requiring users to:
-Sign back into their App & Exchange accounts
-Reset their 2FA
— Crypto.com (@cryptocom) January 17, 2022
The platform also added a mandatory 24-hour delay from when a new withdrawal address is added and when the first withdrawal to that address occurs. That window should help give Crypto.com account owners enough time to react to unauthorized addresses before a withdrawal takes place.
Despite the platform’s quick actions and security upgrades, the hackers still made off with more than 4,800 Ethereum, 443 Bitcoin, and small amounts of other currencies, totaling more than $34 million in currencies. Fortunately, the company reimbursed all customers with affected accounts.
Obviously, it’s never good to see hackers get away with this kind of money. But when it does happen, it’s good to see a company taking full responsibility, reimbursing customers, and revamping the security infrastructure as quickly as Crypto.com did.