Skip to main content

Significantly more money stolen than expected

 


Significantly more money was stolen in the hacker attack on Crypto.com than previously assumed. A total of 483 wallets are affected.


In a recent blog post, Crypto.com comments on the hacker attack that temporarily paralyzed the US trading platform a few days ago. According to their own statements, the wallets of 483 Crypto.com users were attacked. This would have resulted in unauthorized withdrawals of 4,836.26 ETH, 443.93 BTC and $66,000 in other cryptocurrencies. The total amount of damage now amounts to around 33 million US dollars and is about twice as high as previously assumed. The CRO course has so far been largely unimpressed.


In this release, the company assures that they "prevented unauthorized withdrawals in most cases, and in all other cases customers have been fully refunded."


Crypto.com: What exactly happened?

On January 17, at around 1:46 am German time, an attack on the Crypto.com system was detected. The attackers are said to have succeeded in bypassing two-factor authentication. Crypto.com's IT department observed transactions being approved without being cleared through 2FA control by the respective users. As BTC-ECHO reported , complaints from victims via Twitter increased at the same time .



According to Crypto.com, the payment of all tokens was immediately suspended. Overall, the attack caused the payout infrastructure to fail for a total of 14 hours. The platform has been live again since January 18, 2022 at 5:46 p.m. In an interview with Bloomberg the next day, Crypto.com CEO Kris Marszalek said that "customer deposits were never at risk."


And now?

In the longer term, according to Crypto.com, the company would like to introduce multi-factor authentication (MFA). On the way there you want to adapt the system to different security precautions. The company has already completed the first update. There is now a 24-hour delay between registering a new payout address on the platform's white list and the first payout. In addition, users should receive notifications about the addition of payout addresses in the future. These would also include "useful reminders and instructions on how to contact [the Crypto.com] team if the address whitelisting was unauthorized."


The WAPP (Worldwode Account Protection Program) is then to be introduced. This is a type of insurance designed to “restore funds up to $250,000 for qualified users.”


Crypto.com is known for its conspicuously aggressive marketing strategy. In the past, they acquired the advertising rights to the famous Staples Center in Los Angeles, currently sponsor Formula 1 and the Italian soccer league Serie A and advertise with actors such as Matt Damon.



It remains to be seen whether the hacker attack will have a negative effect on the image of the trading platform - Crypto.com is now focusing on (re)building the trust of the community with the appropriate measures.

My Top Picks
Honeygain - Passive earner that pays in BTC or PayPal
MandalaExchange -The Best no KYC crypto Exchange! 
BetFury - Play And Earn BFG for daily Bitcoin and ETH dividends!
Pipeflare - Faucet that pays in ZCash and Matic, Games pay in DAI
Womplay - Mobile dApp gaming platform that rewards in EOS and Bitcoin
Cointiply - The #1 Crypto Earning Site
Torum - Join the latest Social Network and earn TRM for Free! 
LiteCoinPay - The #1 FaucetPay earner for Litecoin 
Upland - Collect Digital Properties & Test Your Skills
LBRY/Odysee - YouTube Alternative that lets you earn Money by viewing videos!
FaucetPay - The #1 Microwallet Platform
FREEBTC - The #1 FaucetPay earner for Satoshi's
FaucetCrypto - An earning/faucet site that pays out instantly
FireFaucet - An earning site that pays better for some than Cointiply
DogeFaucet - Dogecoin Faucet
xFaucet - BTC, ETH, LTC, Doge, Dash, Tron, DGB, BCH, BNB, ZEC, FEY - Claim every 5 minutes
Konstantinova - BTC, ETH, LTC, Doge, Dash, Tron, DGB, BCH, BNB, ZEC, USDT, FEY, 25 Claims Daily

Comments

Post a Comment

Popular posts from this blog

From offchain to offchain: Statechains meets Lightning

  Without a doubt, the most significant off-chain Bitcoin solution is the Lightning network. But in its wake, the statechain has emerged as an intriguing replacement. There is currently a proposal to link the two offchain networks. From an ocean, for example, you can see sunbeams glistening in the water, waves rippling, and possibly a jellyfish drifting toward the light. But you only see a small portion of it. The distance from the sea's surface to its bottom is hundreds of meters. It has dozens of different fish species swimming in it, crabs and starfish crawling on the bottom, shells clinging to rocks, and sea plants climbing up. A completely new world starts where your gaze diverges. You can picture a blockchain like Bitcoin, just like the sea. What you see on the outside is only a small portion of what is actually there; the set of UTXOs (coins) and transaction history that full nodes store are just the beginning of a much larger world. It's the plan, at least. With Bitcoin...
Post a Comment
Read more

Phishing attack on popular crypto sites tries to empty wallets

  Several major crypto sites such as Etherscan, CoinGecko, DeFi Pulse, and others report malicious pop-ups scammers use to try to trick users into connecting their MetaMask wallets. The phishing attack came from a domain displaying the Bored Ape Yacht Club (BAYC) logo. "We are investigating the root cause of this attack to fix the threat as soon as possible," CoinGecko founder Bobby Ong tweeted. The phishing attack appears to have been triggered by a malicious ad script from Coinzilla, a crypto ad network, according to CoinGecko. Etherscan also advises its users not to confirm any transactions that may appear on the website. The attackers attempted to use the hype around the “bored monkeys” non-fungible tokens (NFT) to gain access to the cryptocurrencies of unsuspecting website visitors. Although the websites affected by the scam attempt have reacted in the last few hours and deactivated the advertising pop-up, it is still recommended not to connect your MetaMask wallet to ne...
Post a Comment
Read more

Bored Ape Yacht Club NFTs stolen through phishing on Instagram

  Bored Ape Yacht Club ( BAYC ) developers announced on Monday that hackers have hijacked the official Instagram page of the popular NFT collection and posted links to a fake airdrop. Crypto enthusiasts who connected their MetaMask wallet to the rogue website subsequently had their Ape NFTs stolen. Apparently, the attack was planned to coincide with the one-year anniversary of the BAYC collection. This increased the "perceived credibility" of the phishing link. About 100 NFTs are said to have been stolen in the phishing attack . According to CoinGecko data , the minimum price for a BAYC NFT is 139 Ether ( ETH ) or $400,726. So if reports are correct, over $40 million worth of NFTs were stolen in the attack. These numbers are only the lowest estimate, however, as they are based on the lowest price.  At the time of writing, it was still unclear how the hackers gained access to BAYC's official Instagram account. Social media users have pointed out the importance of two-fact...
Post a Comment
Read more