Over $34 million from Crypto.com accounts were stolen

Crypto.com is a rapidly expanding cryptocurrency exchange. After unknown attackers gained access to their user accounts, Crypto.com admitted that over $34 million in cryptocurrency was taken.

The attack began on January 17 and involved illicit activity on a small number of user accounts, with transactions allowed without using two-factor authentication. According to Crypto.com, the action prompted an instant response, with all withdrawals on the site banned for the length of the investigation.

As a precaution, Crypto.com revoked all client 2FA and introduced extra security hardening measures. To guarantee that only permitted activity occurred, all clients were required to log in again and set up their 2FA token.

The organization also conducted a comprehensive examination of its whole infrastructure, with various enhancements made to strengthen its security posture further. Crypto.com also employed third-party security organizations to undertake further security tests, as is customary after a compromise.

Crypto.com has launched the “Worldwide Account Protection Program” to provide extra protection and security for customer cash kept by the corporation. WAPP is intended to safeguard user funds if a third party acquires unauthorized access to their account and withdraws payments without permission. WAPP reimburses qualified users up to $250,000 in funds.

Crypto.com has responded positively to the alleged intrusion. It checks every box imaginable, and then some, as with the WAPP program. However, the method through which the cash was stolen remains unknown.