Crypto.com Confirms $34M Hack Without Explaining Cause
The exchange says it will implement a new account protection program going forward. Read the full article by Timothy Craig “Neither this post nor any other on cryptofal.com should be taken as financial advice. It is not.”
Hacks are one of the biggest fears investors have when it comes to transitioning to cryptocurrencies. In 2021 there was about $2.2 billion just from Defi platforms according to Chainalysis. Attackers can compromise wallets in plenty of ways the most common seems to be through links in Discord and other social media platforms. The most frequent way we have seen accounts get compromised is through clicking on links that look legit and signing away access to your account.
For this reason, many investors prefer the traditional centralized exchanges because they are presumed to be safer because of the regulations put on them. This was not the case though for up-and-coming exchange Crypto.com which was hit on Monday for $34.4 million. The exchange has confirmed that they have been hit but is not explaining how it happened to the public. In a report by Crypto.com this morning they did announce they would be taking greater security measures as well as providing insurance now if something like this happens again in the future.
In total, the incident affected 483 users of the exchange which saw 4,836 ETH and 443 BTC stolen. There was also close to $66,000 in other cryptocurrencies stolen as well. This prompted the exchange to add an additional layer of security specifically to withdrawals which will force users to wait 24 hours after registering a new withdrawal address before being able to send funds to that address. “Users will receive notifications that withdrawal addresses have been added to give them adequate time to react and respond,” the exchange said in a blog post.
Since cryptocurrencies are not yet FDIC insured it is up to the exchange to provide the insurance and Crypto.com says they will be providing up to $250,000 for qualified users. They do also have their SOC2 audit which is important for informational security but they will need more going forward now to regain users’ trust.