Crypto.com CEO Kris Marszalek confirmed that the “nothing to worry about” tech glitch that prevented consumers from withdrawing money for 12 hours was indeed a hacking attack and led to losses of $34m.
The first to suspect this was a Reddit community which rallied on the popular online forum and said that Crypto.com appeared to be being attacked.
Crypto.com denied this and argued that no funds had been lost. However, a day after the attack, Marszalek adjusted the story.
Some 483 accounts have been compromised with the losses amounting to 4,836.26 ETH, 443.93 BTC and approximately $66,000 in other currencies.
This means that Crypto.com has cost its users a total of $34m. The exchange initially wanted to put people at ease, and in the company’s defense, it was still running internal audits.
However, PeckShield Inc, a security company, reported that Crypto.com had indeed been hacked and that the losses were around $15m.
This figure was later corrected by Marszalek himself. He received criticism online for conveying wrongful information to consumers, as his January 17 tweet stated that no consumer funds had been lost.
Meanwhile, the company acknowledged that it might need to revise its 2FA infrastructure, one of the safest ways to keep your accounts protected. Crypto.com may even consider a multi-factor authentication in future.
Crypto.com has decided to launch a Worldwide Account Protection Program (WAPP) which will be able to restore up to $250,000 in the event of losses, which will be little compensation for the people who lost more than that amount.