Share

cover art for Cyberattack Hits Crypto.com - Threatwire

Daily Tech News Show

Cyberattack Hits Crypto.com - Threatwire

By Shannon Morse, ThreatWire

The world’s third largest cryptocurrency trading platform was hit with a cyberattack last week that compromised 483 customer accounts and led to $34 million crypto to be withdrawn. Crypto.com was targeted and US $33.8 million was stolen, though the CEO stated in multiple interviews that customer funds are not at risk.

The hack caused about $15 million in ethereum, $18.6 million bitcoin and $66,000 misc crypto to be stolen from the platform. The attack was detected on January 17th, at which time Crypto.com suspended withdrawals for about 14 hours. 2FA tokens were also revoked, so users had to re-sign in and set up new 2FA tokens for access.

While this crypto was stolen via unauthorized withdrawals, the platform fully reimbursed affected users. Transactions resumed on January 18. According to a Crypto.com post, their risk monitoring systems detected the attack, and saw transactions being approved without 2FA authentication, meaning the 2FA was being bypassed by attackers.

The company migrated to a completely new 2FA infrastructure in response. They also added that the company will be moving away from 2FA and moving to true multi factor authentication for end user security, and beefing up security with an Account Protection Program, which will offer better security for funds within the App and exchange. APP would also restore funds up to $250,000 in the event of unauthorized access.

A lot of technical information regarding this attack has not been shared with the public. For example - who was behind this attack? How were they able to bypass 2FA restrictions for withdrawals? What protocol was being used to implement 2FA and how does the new infrastructure fix these problems? Hopefully Crypto.com will share some of this information with their customers to ease some of the concerns shared via social media.

Crypto.com:

https://www.bleepingcomputer.com/news/security/cryptocom-confirms-483-accounts-hacked-34-million-withdrawn/

https://threatpost.com/2fa-bypassed-crypto-com-heist/177846/

https://crypto.com/product-news/crypto-com-security-report-next-steps

https://www.vice.com/en/article/g5qj9j/cryptocom-says-incident-was-actually-dollar30-million-hack

https://www.zdnet.com/article/crypto-com-confirms-483-users-hit-in-attack-that-saw-over-31m-in-coins-withdrawn/

https://www.zdnet.com/article/crypto-com-ceo-responds-to-complaints-of-login-issues-after-hack/

More episodes

View all episodes

  • 5187. Why Vibe-coding Micro Apps Isn't Automatically a Bad Thing - DTNS 5187

    42:24||Ep. 5187
    Smartglasses companies XREAL and Viture are getting ready to duke it out in court, and Dr. Niki shares what kinds of biomechanics robotics she saw at SICB.Starring Jason Howell, Huyen Tue Dao, Tom Merritt, and Dr. Niki.Show notes found here.

  • 5186. Wikipedia Cashes AI Checks to Survive Another Day

    37:46||Ep. 5186
    Plus, A new version of Wine is aout and it’s simpler to launch programs, and why Microsoft is spending so much money on Anthropic Starring Tom Merritt, Huyen Tue Dao and Andy Beach. Show notes can be found here.

  • 5185. Gemini Wants to Get Personal. You Should Let It - DTNS 5185

    26:35||Season 13, Ep. 5185
    Why you might want to let Gemini access your Gmail and Search history. Plus, the new chip shortage isn’t RAM, it’s glass.Starring Tom Merritt and Sarah Lane.Links to stories discussed in this episode can be found here.

  • 5184. Microsoft Shares Its "Community-First" AI Infrastructure Plan - DTNS 5184

    32:10||Season 13, Ep. 5184
    Apple targets digital creatives with the debut of its "Apple Creator Studio" subscription package, and Moxie Marlinspike is bringing end-to-end encryption to the open-source AI chatbot world with the release of Confer.Starring Jason Howell and Tom Merritt.Links to stories discussed in this episode can be found here.

  • 5183. AI Gets HIPAA With HealthCare - DTNS 5183

    26:38||Ep. 5183
    OpenAI and Anthropic make a play for the health industry; meanwhile, Apple had its best year ever.Starring Tom Merritt and Robb DunewoodShow notes can be found here.

  • 5182. Glasses and Robots Were Everywhere At CES 2026 - DTNS 5182

    35:21||Ep. 5182
     FCC is about to approve changes that will make Wi-Fi advocates very happy, and Bose deserves a lot of credit for open sourcing its nearly end-of-life SoundTouch Wi-Fi speakers.Starring Jason Howell and Huyen Tue Dao.Show notes can be found here.

  • 5181. The Best of CES 2026 - DTNS 5181

    53:58||Ep. 5181
    David Katzmaier tells us what CNET awarded best overall, and Richard Gunther and Trisha Hershberger fill out the list with their faves.Starring:  Tom Merritt, Robb Dunewood, Sarah Lane, Trisha Hershberger, David Katzmaier, Richard Gunther, Roger Chang, Joe, Amos.Show notes can be found here.

  • 5180. CES 2026 - WiFi 8, Holographic Desktop Friends and Hands On with the Samsung TriFold - DTNS 5180

    01:01:51||Ep. 5180
    Shannon Morse joins us to talk about our favorite things at CES.Starring: Starring Tom Merritt, Robb Dunewood, Sarah Lane, Shannon Morse, Roger Chang, Joe, Amos.Links to the stories discussed in this episode can be found here.

  • 5179. CES 2026 - It's Cars, Chips, and Making Any Toilet Smart - DTNS 5179

    01:06:00||Season 13, Ep. 5179
    Bodie Grimm sifts through the car tech talk, we make chip news interesting, and so much health tech.Starring Sarah Lane, Tom Merritt, Robb Dunewood, Allison Sheridan, Bodie Grimm, Roger Chang, Joe, Amos.Links to stories discussed in this episode can be found here.
Copyright Tom Merritt
Hosted with ❤️ by Acast