Crypto.com says Hackers Stole More Than $30M in Bitcoin and Ethereum

crypto hack

Crypto.com told investors that cyberthieves breached its security systems and stole more than $30 million in bitcoin and Ethereum.

In a Thursday (Jan. 20) blog post, the Singapore-based cryptocurrency exchange learned on Monday (Jan. 17) that hackers bypassed its two-factor authentication system and withdrew funds from 483 customer accounts.

The unauthorized withdrawals totaled 4,836.26 ($15 million) Ethereum, 443.93 ($19 million) bitcoin and approximately $66,200 in other currencies, the company wrote in the post.

“Crypto.com promptly suspended withdrawals for all tokens to initiate an investigation and worked around the clock to address the issue,” the company wrote. “No customers experienced a loss of funds. In the majority of cases, we prevented the unauthorized withdrawal, and in all other cases customers were fully reimbursed.”

All customers have been “fully reimbursed” for any lost funds as a result of the hack, Crypto.com said.

The blog said Crypto.com’s risk monitoring systems detected unauthorized activity on a small number of user accounts where transactions were being approved without the factor authentication being keyed by the user.

As a result, this triggered an immediate response from multiple teams to assess the impact, Crypto.com said, and all withdrawals on the platform were suspended for the duration of the investigation.

The suspension lasted about 14 hours, and withdrawals were resumed on Tuesday (Jan. 18).

Crypto.com did not identify the hackers.

In response to the breach, Crypto.com said it introduced the Worldwide Account Protection Program (WAPP) which offers additional protection and security for user funds held in the Crypto.com app and the Crypto.com Exchange.

Breaches of cryptocurrencies have become all too common.

Read more: $196M BitMart Hack Puts Crypto’s Weakness on Display

Last month, crypto exchange BitMart announced a hack of at least $150 million on the evening of Saturday, Dec. 4.

Blockchain security firm Peckshield, which spotted and tweeted a warning of the leak about an hour and a half before BitMart CEO Sheldon Xia announced it, put the losses at closer to $200 million.