Hundreds of Crypto.com accounts hacked after it was hit by major data breach

Cryptocurrencies
(Image credit: Shutterstock / Wit Olszewksi)

One of the world’s biggest and most popular cryptocurrency exchanges has been hit by a major data breach.

Talking to Bloomberg, Crypto.com, CEO Kris Marszalek confirmed that the recent data breach resulted in funds being taken from roughly 400 accounts.

While it's not yet known what exact sum was taken, Bloomberg estimates the losses were “in the millions," with Marszalek confirming that all losses were reimbursed and that the company barely felt it, given its size.

Hacks and scams

“Obviously, it’s a great lesson and we are continuously strengthening our infrastructure,” Marszalek added. “Given the scale of the business, these numbers are not particularly material and customer funds were not at risk.” 

The technical details of the breach, including if any endpoints from the company side were compromised by malware, are still unknown, with Marszalek promising a detailed breakdown at a later date.

Cryptocurrency exchanges and wallets are generally considered secure, with the majority of incidents happening due to fraud and identity theft, and not technical vulnerabilities. The very nature of blockchain technology, which makes it virtually impossible to retrieve the funds once they’re sent, makes it very interesting for fraudsters and other malicious actors.

In fact, the amount of funds linked to cryptocurrency-related crime rose by almost 80% last year, recent figures from the blockchain data platform Chainalysis show. Illicit addresses received $14 billion worth of cryptocurrency over the course of 2021, up from $7.8 billion the year before, the report says. 

However, total transaction volume across all cryptocurrencies rose by 567% from 2020 highs, totaling $15.8 trillion. In total, transactions involving illicit addresses accounted for just 0.15% of overall traffic.

Most crypto frauds these days revolve around so-called “rugpulls”. A rugpull happens when the project’s developers siphon out all of the liquidity out of their token, leaving investors with virtually zero value in their investments. This is, obviously, a heavy oversimplification of the method, but the result is the same. 

Besides rugpulls, people fall for the age-old “I’ve sent Elon Musk 0.1 BTC and he’ll return 1.0 BTC tomorrow” fraud so often that a Twitter bot is able to track known “fake Elon Musk” addresses, reporting when people send their hard-earned crypto assets. 

  • You might also want to check out our list of the best firewalls right now

Via: Bloomberg

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Ethereum
Hackers steal over $1bn in one of the biggest crypto thefts ever
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
North Korean flag with a hooded hacker
FBI says North Korean Lazarus hackers were behind $1.5 billion Bybit crypto hack
Smartphone with new logo X twitter app background. Application twitter old blue bird change X black and white new.
Phishing campaign targets prominent X users, accounts at risk
ransomware avast
Billions of credentials were stolen from businesses around the world in 2024
Android phone malware
Screen reading malware found in iOS app stores for first time - and it might steal your cryptocurrency
Latest in Security
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Representational image depecting cybersecurity protection
Cisco smart licensing system sees critical security flaws exploited
Latest in News
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 23 (game #385)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 23 (game #651)
Google Pixel 9 Pro Fold main display opened
Apple is rumored to be prioritizing battery life on the foldable iPhone – which could also feature a liquid metal hinge for added durability
Google Pixel 9
The Google Pixel 10 just showed up in Android code – and may come with a useful speed boost
L-mount alliance
Sirui joins L-Mount Alliance to deliver its superb budget lenses for Leica, DJI, Sigma and Panasonic cameras