Suspicious (ETH) Transaction Activity Confirmed by Crypto.com

Several Crypto.com users reported that their wallets suffered suspicious transactions that stole thousands of dollars in Ethereum (ETH) despite having 2FA enabled.

Crypto.com, a popular app-based cryptocurrency exchange headquartered in Singapore has confirmed that a “small number” of its users experienced unauthorized activity in their accounts earlier on Monday (17th) morning.

Although Crypto.com did not confirm the exact number of impacted customers, in a series of tweets, the exchange did assure that “all funds are safe.”

It all started when several tweets emerged from users reporting stolen funds as a result of suspicious activity on their Crypto.com account. According to a tweet by actor Ben Baller, a Crypto.com user, he informed the exchange about suspicious activity hours ago that bypassed 2FA protection on his account resulting in a loss of 4.28 ETH ($13,769).

Another user going by the Twitter handle of @qudah_mohamed claimed that they witnessed multiple transactions of .12 BTC ($5000).

@NickDushko tweeted that his Crypto.com wallet was hacked and someone made 7 transactions of .27 BTC ($11,000).

One Crypto.com user @yougesify shared their side of the story and claimed that his wife had 17.43 ETH ($56,114) wiped from her wallet even though she had 2FA on.

The tweets from Crypto.com users complaining of multiple unauthorized login attempts and suspicious activities can be seen under the exchange’s tweet here.

Update from Crypto.com

At 4:44 AM (GMT) Jan 17, 2022, Crypto.com said that it was pausing all withdrawals amid reports of suspicious activity and investigating the issue. In an update tweet at 12:17 PM (GMT) Jan 17, 2022, Crypto.com’s CEO Kris Marszalek said that “all funds are safe,” while the exchange announced enhancing security on all accounts including resetting 2FA on all accounts.

Earlier today a small number of users experienced unauthorized activity in their accounts. All funds are safe. In an abundance of caution, security on all accounts is being enhanced, requiring users to: -Sign back into their App & Exchange accounts -Reset their 2FA.”  
- Crypto.com

In a conversation with Hackread.com, Alfie Williams, Project Director at upcoming cryptocurrency and blockchain security-related project Verify Lens, said that due to the sudden surge in attacks against cryptocurrency exchanges there is no surprise in the latest events against Crypto.com affecting its unsuspecting users.

This breach thrusts cryptocurrency exchanges back into the limelight for all the wrong reasons and further underlines the need for caution when storing crypto.
Although the full impact of the breach will not be known for some time, it has brought to light the importance of personal security.
Verify recommends following Crypto.com’s advice in resetting the 2FA and further recommends cold storage wallets for added security.”
Alfie Williams

Unanswered questions

At the time of publishing this article, all withdrawals at Crypto.com were restored however the exchange did not share exactly what happened, how much funds were stolen, how ‘attackers’ were able to log into users accounts even though they had 2FA enabled, and how there were withdrawals without users permission/knowledge.

Nevertheless, if you are a Crypto.com user keep an eye on your wallet, make sure you have 2FA and Face ID enabled at all times.