Crypto.com, which is one of the largest cryptocurrency exchanges in the world, has confirmed that hackers withdrew more than $30 million from the wallets of 483 users. The announcement comes after the website downplayed the attack, calling it “an incident.”
The total amount was comprised of a few different cryptocurrencies – 4,836.26 ETH (around $15 million), 443.93 BTC (around $18 million) and approximately $66,200 in other currencies.
The company state that “In the majority of cases we prevented the unauthorized withdrawal, and in all other cases customers were fully reimbursed,” so in the end, according to the company, “No customers experienced a loss of funds.”
The report shows a big difference in earlier communication. Initially, Crypto.com’s CEO referred to the attack as an “incident” and that “no customer funds were lost.”. The Twitter account for the company said that “All funds are safe”. Initially, it was believed that the amount stolen was $15 million, but this figure doubled.
The cryptocurrency hack was detected on Monday last, when hackers started transactions without inputting the two-factor authentication (2FA) of the users targeted. That’s when Crypto.com suspended withdrawals, revoked the 2FA tokens, forced all customers to log in again and set up their 2FA tokens, according to the press release.
“2FA tokens for all users worldwide were subsequently revoked to ensure the new infrastructure was in effect. We have mandatory 2FA policies on both the frontend and backend to protect users during this revocation phase, as outflows such as withdrawals have a requirement to setup and use 2FA in order to withdraw,” the press release read.
Crypto.com also said that a “Full audit of the entire infrastructure has been conducted internally with a number of improvements being implemented to further harden the security posture,” without specifying the details of these improvements. The company also said it has engaged with “third-party security firms” to audit its systems, and has also hired “additional threat intelligence services.”
Finally, the company also announced a new program called “Worldwide Account Protection Program (WAPP),” which is designed to protect user funds in case a hacker gets access to users’ accounts. In practice, “for qualified users,” Crypto.com will refund up to $250,000, a far cry from the multi-million dollar hacks that are happening almost every week in the world of cryptocurrency.
To qualify for the program, users have to enable multi-factor authentication on all transaction types, set up an “anti-phishing code,” not use jailbroken devices, file a police report, and complete a questionnaire to help the company with the forensic investigation.
Protecting Your Cryptocurrency Against Hackers
Cryptocurrency and the blockchain stand to be a major driving factor in the technology of the future. However this popularity has attracted an element of cybercrime. There are several tools internet users should use to increase their online protection. One of these tools is SaferNet.
SaferNet is the perfect solution to the cybersecurity issues that individuals, families, and businesses face today. It not only connects every device using a secure, 24/7 always on, military grade VPN, but it also stops outside cyberthreats, malware and viruses as well. On SaferNet, all users are protected anywhere in the world, all the time, on any cellular or Wi-Fi network. In addition to SaferNet’s VPN and cyber protection, it also offers a range of employee or parental/family internet controls including internet filtering, monitoring, scheduling, and blocking access to websites or even entire website categories
Typically, a user would need 3 separate services for a VPN, Malware Protection, and Internet Controls; SaferNet offers all 3 features in one service. SaferNet truly is an endpoint security presence that can be implemented in minutes around the world, on phones, laptops, tablets, and computers at an economical price point that caters to all internet users. SaferNet guarantees a smooth setup and installation process that takes only minutes, and an easily accessible control hub for you to monitor all your employee’s or family members devices; including activity, time spent online, and threats blocked.