SINGAPORE (CNA) – Singapore-based cryptocurrency exchange platform Crypto.com confirmed that it had been hacked, with the accounts of 483 users being affected.
In a blog post, the company said that on January 17, it learned that a “small number of users” had unauthorised withdrawals on their accounts.
These unauthorised withdrawals totalled 4,836.26 Ethereum, 443.93 Bitcoin and approximately USD66,200 in other currencies.
This amounted to about USD31 million (SGD41.7 million), according to the exchange rate on Friday.
The company had detected unauthorised activity on some accounts on Monday, with transactions being approved without two-factor authentication (2FA) provided by users.
“Crypto.com promptly suspended withdrawals for all tokens to initiate an investigation and worked around the clock to address the issue,” it said, adding that no customers experienced a loss of funds.
Unauthorised withdrawals were prevented in the “majority of cases”, with customers being fully reimbursed in all other cases, the company said. Affected accounts were “fully restored”, it said.
Existing 2FA tokens were revoked, while additional “security hardening” measures were added requiring all customers to login and set up their 2FA tokens again, it added.
Withdrawals were down for about 14 hours, said the company.
