483 Crypto.com Accounts Compromised

Crypto.com has confirmed that a multi-million dollar cyber-attack led to the compromise of around 400 of its customer accounts, although the company’s CEO stresses that customer funds are not at risk. By daily trading volume, Crypto.com is reportedly the world’s third-largest cryptocurrency trading platform, “on a mission to accelerate the world’s transition to cryptocurrency.”

In an interview with Bloomberg Live, Crypto.com’s CEO Kris Marszalek acknowledged that around 400 customer accounts were compromised following a recent hack suffered by the platform. Researchers had previously estimated the impact of the hack to be anywhere between $15 and $33 million. But Marszalek stressed in the interview, “these numbers aren’t particularly material and customer funds were never at risk.” In the same TV interview, Marszalek didn’t directly answer the question, “what was behind this hack?” but did state that a postmortem was ongoing and that financial regulators hadn’t yet reached out to the company.

Crypto.com first detected the cyber incident via its risk monitoring systems on January 17th, 2022, when “a small number of users had unauthorized crypto withdrawals on their accounts.” “Crypto.com promptly suspended withdrawals for all tokens to initiate an investigation and worked around the clock to address the issue,” states the company. Following the detection of the suspicious activity, the withdrawal infrastructure was shut down for approximately 14 hours as a precaution. The platform additionally revoked two-factor authentication (2FA) tokens for its users, prompting them to log back into the app and set up new 2FA tokens, although at the time many customers reported issues when attempting to follow the reset procedure. Withdrawal transactions were resumed on January 18th, at around 5:46 PM UTC, according to the company, after additional “security hardening measures” were put in place.

Analyst Notes

If not already done, all users of Crypto.com are strongly advised to change their login credentials. It is always advised to use a complex password that combines upper- and lower-case letters, numbers, and special characters. The password should be unique to the login and never shared. Also, wherever multi-factor authentication (MFA) is available, it should be used. Lastly, if unusual activity is discovered, it should be reported to the appropriate company, i.e., Crypto.com and/or your bank.

https://www.bleepingcomputer.com/news/security/483-cryptocom-accounts-compromised-in-34-million-hack/