Crypto.com confirmed that the high-profile cyberattack it suffered recently resulted in the compromise of more than 400 customer accounts, but the company insisted that the customers’ funds are safe.
The company’s CEO, Kris Marszalek said in a Bloomberg Live interview that the attack on the platform affected around 400 user accounts, although the precise number is 483.
On-chain analysts had estimated that the attack’s impact at between $15 million and $33 million. However, Crypto.com’s CEO insisted that the “numbers aren’t particularly material and customer funds were never at risk.”
Apparently, attackers managed to perform unauthorized transactions from the platform, adding up to a total of about $34 million, as follows:
- 4,836.26 ETH (Ethereum) – $15,132,516
- 443.93 BTC (Bitcoin) – $18,613,630
- Other cryptocurrency – $66,200
- Total – $33,812,346
Crypto.com became aware of the cyberattack earlier this week on Jan.17th, after its risk monitoring systems detected a small number of users performing unauthorized cryptocurrency withdrawals on their accounts.
In turn, the company suspended withdrawals for all tokens and initiated an investigation. Reportedly, Crypto.com shut its withdrawal feature for approximately 14 hours as a precaution.
Additionally, the company reset customers’ two-factor authentication (2FA) tokens and prompted them to re-log in to the app and generate new ones. On the other hand, some customers reported technical difficulties during the attempted 2FA reset.
Presumably, the app got stuck at the passcode input screen and users couldn’t reach the next stage of configuring their new 2FA tokens for their accounts. After “security hardening measures” were set, Crypto.com resumed token withdrawals on Jan. 18, at around 5:46 PM UTC.
Crypto.com is one of the world’s leading cryptocurrency trading platforms.