Security News
The North Korean Lazarus hacking group is now using fake 'Crypto.com' job offers to hack developers and artists in the crypto space, likely with a long-term goal of stealing digital assets and cryptocurrency. In August 2022, Lazarus was seen targeting IT workers with malicious job offers that impersonated Coinbase and targeted users with Windows malware or macOS malware.
Details of how the crooks pulled off the attack aren't given in the report, which says simply that "Transactions were being approved without the 2FA authentication control being inputted by the user." What the report doesn't explain, or even mention, is whether 2FA codes were entered by someone - albeit not by customers themselves - in order to authorise the fraudulent withdrawals, or whether the 2FA part of the authentication process was somehow bypassed entirely.
In spite of customers having reported losses over the weekend, Crypto.com's Thursday statement said that the heist happened on Monday at about 12:46 a.m. UTC. That's when the exchange's risk monitoring systems picked up on unauthorized transactions coming out of 483 accounts and being approved without users' 2FA authentication. The exchange fully restored the affected accounts, revoked all 2FA tokens and added additional security hardening measures, requiring all customers to re-login and set up their 2FA token.
Crypto.com on Thursday said in a roundabout way that an unidentified person stole or attempted to steal as much as $34m in cryptocurrency from customer accounts. In an update on the cyberattack reported earlier this week, the Singapore-based firm said it "Learned that a small number of users had unauthorized crypto withdrawals on their accounts."
Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts. Crypto.com CEO: 400 customer accounts hit.
Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts.Crypto.com CEO: 400 customer accounts hit.
Crypto.com, a Singapore-based cryptocurrency exchange, has denied reports that the firm lost nearly $15m in Ethereum in a possible network intrusion over the weekend. According to blockchain biz PeckShield, Crypto.com lost about $14.3m or 4,600 ETH, based on its analysis of public blockchain addresses.