Crypto.com: This address was involved in the $15 million hack

Lavina Daryanani
Source: The Times of Israel

The crypto space has been prone to hacks since its inception. More so, because the underlying technology is quite novel. A host of attacks and violations have taken place in the recent past, but in what is the latest happening, Crypto.com was victimized.

During the early hours of Monday after users complained about suspicious activity on their accounts, the crypto exchange made an official announcement. With the said development, Crypto.com is now the first major CEX to succumb to a hack this year.

With the number of crypto crimes ever-increasing, a host of notable exploits happened last year, but the Poly network hack remained to be one of the most prominent ones. Apart from that, the event where over 6000 Coinbase customers got hacked also managed to gain the mainstream spotlight.

More updates

Soon after experiencing issues with their accounts, users of the Crypto.com exchange realized that they had been hacked. Most of them allegedly reported missing currencies from their balances. However, from a few wallets, the hacker had made off with all the funds in the account.

The exchange took Twitter to address the issue.

The tweet noted that only a “small number of users” had been affected by the hack. However, crypto-related social media was flooded with victims disagreeing and saying that this was not the case.

Following news of the hack, Crypto.com had promptly restricted all withdrawals on its platform. Users were not able to carry out any withdrawals and those with pending withdrawals could not complete their transactions. This was done in an effort to prevent the hacker(s) from being able to perform any more withdrawals from the accounts of the affected users.

The attack is speculated to have occurred after the attackers found a way to bypass the 2FA security measures on the exchange. This has prompted Crypto.com to alert users to reset their 2FA information, as well as having to log back into the platform to regain access to their accounts.

The crypto exchange announced that the said update would be rolled out gradually to users. Upon completion, withdrawals will then be enabled and users would be able to send their funds out of the exchange. They noted,

“We understand this may be an inconvenience, but security comes first.”

At the time of writing, it was noted that all the withdrawal services had been restored. However, the backlogs were yet to be cleared.

The exchange’s native token, CRO, was down by 1.1% on the 24-hour window and was trading at $0.4488 at the time of press.

Culprit Tornado?

According to Etherscan.io, a majority of the transactions were being carried out via Tornado Cash, which is a non-custodial privacy solution on Ethereum. The transactions were first carried out in terms of 100 Ethers while the last three were made in 10 ETH. Currently, all the Ether has been cashed out from the deposit address.