A massive crypto attack occurred on January 17, affecting 483 users of Crypto.com, one of the most ambitious cryptocurrency exchanges on the market. The attack caused close to $35 million in damages through unauthorized withdrawals of Ethereum (4,836.26), Bitcoin (443.93), and around $66,000 in other cryptocurrencies from a small number of accounts.
Luckily, Crypto.com was quick to address the issue and prevented further damage to its users by blocking transactions. They are also fully reimbursing anyone affected by the attack.
The attack was detected by Crypto.com's internal security systems, which flagged that withdrawals from a number of accounts were being approved without the user entering the usual 2FA (two-factor authentication).
The security team then quickly froze all withdrawals temporarily to assess the situation. Withdrawals were made available again after 14 hours. In the meantime, Crypto.com hardened its security measures and asked its users to re-login and set up new 2FA tokens.
One of the new security measures that Crypto.com implemented on January 18 was a 24-hour delay between the registration of a new address and the first withdrawal to that address. Users will also be notified of new addresses being added, so they have time to react and protect their accounts.
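The two controls described above, the alert on withdrawals approved without a 2FA entry and the 24-hour hold on newly registered addresses, can be expressed as one check over an audit log. This is an added example, not Crypto.com's code; the event schema, the five-minute 2FA validity window and the one-approval-per-2FA rule are assumptions.

```python
from datetime import datetime, timedelta

ADDRESS_HOLD = timedelta(hours=24)    # delay described in the article
TWO_FA_WINDOW = timedelta(minutes=5)  # assumption: validity of a 2FA success

# Constructed audit events (hypothetical schema): time, user, type, address
EVENTS = [
    ("2030-01-01T00:01:00", "alice", "2fa_success", ""),
    ("2030-01-01T00:02:00", "alice", "withdrawal_approved", "addr-A"),
    ("2030-01-01T00:03:00", "alice", "withdrawal_approved", "addr-A"),
    ("2030-01-01T00:10:00", "bob", "withdrawal_approved", "addr-B"),
    ("2030-01-01T01:00:00", "carol", "address_added", "addr-C"),
    ("2030-01-01T01:04:00", "carol", "2fa_success", ""),
    ("2030-01-01T01:05:00", "carol", "withdrawal_approved", "addr-C"),
]

def review_withdrawals(events):
    """Return (time, user, address, reasons) for each suspicious approval."""
    last_2fa = {}  # user -> time of the latest unused 2FA success
    added = {}     # (user, address) -> time the address was registered
    findings = []
    for ts, user, kind, address in sorted(events):  # ISO strings sort by time
        t = datetime.fromisoformat(ts)
        if kind == "2fa_success":
            last_2fa[user] = t
        elif kind == "address_added":
            added[(user, address)] = t
        elif kind == "withdrawal_approved":
            reasons = []
            # Assumption: one 2FA success authorizes exactly one withdrawal,
            # so it is consumed here and cannot cover a second approval.
            seen = last_2fa.pop(user, None)
            if seen is None or t - seen > TWO_FA_WINDOW:
                reasons.append("no_recent_2fa")
            # Addresses with no address_added event in the log are treated
            # as registered before the log window began.
            registered = added.get((user, address))
            if registered is not None and t - registered < ADDRESS_HOLD:
                reasons.append("address_hold_violated")
            if reasons:
                findings.append((ts, user, address, reasons))
    return findings

if __name__ == "__main__":
    for finding in review_withdrawals(EVENTS):
        print(finding)
```
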
In a report released on Friday, January 21, Crypto.com announced that it is transitioning away from 2FA to true MFA (multi-factor authentication).
While these attacks are harmful, in a way, they are also beneficial. Crypto exchanges are all relatively new and don’t have experience dealing with large-scale cyber attacks, making them a prime target for hacking groups. These attacks will help them realize how important security is for their business, and make them implement measures that will stop hackers from doing this in the future.