Bitcoin and Ethereum theft: $ 30 million stolen

More than $30 million worth of bitcoin and ethereum was stolen from Crypto.com recently, according to the company.

How Bitcoin and Ethereum were stolen

A hacker was able to defeat the two-factor authentication mechanism of Singapore-based cryptocurrency exchange Crypto.com and remove cash from 483 client accounts, according to a statement the Singapore-based crypto exchange made on its corporate blog. Crypto.com is famous for its viral commercial featuring Matt Damon and its recent $700 million contract to rename the Staples Center in Los Angeles as Crypto.com Arena.

There were 4,836.26 ETH withdrawals and 443.93 BTC withdrawals that were “unauthorized,” according to the company’s statement.

According to Crypto.com, all clients who lost money as a consequence of the attack have been refunded.

An explanation of how the hack occurred is provided in a blog post. An explanation of what happened and how it was discovered as well as a “next action” are provided, but no information is given about who was behind the breach.

Belated confirmation has been attributed to Crypto.com’s public declaration three days after the theft. In an interview with Bloomberg, Crypto.com CEO Kris Marszalek admitted that 400 of his company’s customers’ accounts had been compromised.

“Given the scope of the firm, these statistics are not especially significant and client money was not in danger,” 

the CEO said to Bloomberg.

Suspicious Activity

Following user concerns of “strange behavior” on their accounts, the business sent a tweet announcing a temporary ban of withdrawals.

According to the firm:

“We’re going to put a hold on withdrawals until our investigation is complete. All of your money is secure and sound “.

Users of online accounts are required to provide a one-time passcode in addition to their normal password as part of the multi-step authentication process called “two-factor authentication,” or 2FA. Digital currency accounts need 2FA, which is widely utilized in all businesses. However, the compromise on Monday raises doubts about the security of 2FA in protecting digital assets.

For the time being, Crypto.com says it will continue to use 2FA, but that may change in the future.

For now, the business is using 2FA  for “real Multi-Factor Authentication (MFA), providing additional strength for our worldwide user base,” but it expects to switch to MFA “in the near future.”

How to prevent crypto theft?

Buying famous digital currencies like Bitcoin or Ether on an exchange is a common practice for investors who want to retain their money in that exchange. Cryptocurrencies like Bitcoin and Ethereum are protected by their own set of security measures to guard against hacking.

Securing your wallet is a great strategy to safeguard your investment. However, new wallet designs are being introduced on a regular basis. Hardware devices seem to be the better of the two.

These “cold” wallets, which appear like USB drives, hold tokens or currencies in a tangible form. A private key is associated with each hardware wallet, allowing you to decrypt the wallet and have access to the coins or tokens it holds. Losing your password key means you’ll never be able to access your digital assets again, which is why hardware wallets are such an effective deterrent to digital criminals.

cold wallet
A cold wallet to manage cryptocurrencies

A safe online wallet is a good alternative for people who are wary about putting their money into a digital currency investment on a physical device. These are similar in function, but do not need the use of a mobile device.

Similar to offline wallets, online wallets often include non-recoverable private keys, making it imperative that you keep your private key somewhere safe that you’ll remember. Individuals have gone to great lengths to keep their keys secure, such as storing them in safe deposit boxes or encrypting them in graphic files. Some people have even had their passwords tattooed on their skin.

Paper wallets are a specific sort of internet wallet that may be used to store digital currency. Web systems like BitAddress or WalletGenerator produce them. To print out a Bitcoin address or private key, you may use one of these programs. The CryptoHex wallet adds a new layer of security to the operation. A metal strip is used instead of a sheet of paper to write or punch out the important information. If you’re looking for the most secure choice, you may want to stick with one of the alternatives above.

Digital currency exchanges handle the majority of transactions using cryptocurrencies. In order to utilize these services, users must either use fiat money or another cryptocurrency to purchase and sell.

For the first $250,000 deposited or kept in U.S. Dollars, some of these exchangers do provide FDIC protection, just like any other bank.

Because of two key reasons, experts in the field of cryptocurrency security advise against storing any digital currency assets on an exchange. First and foremost, if the exchange is breached, your assets may be lost. You may not be able to get your money back if the exchange goes out of business for whatever reason, since the exchange retains your cryptocurrency on an IOU basis.

 


Source: https://en.cryptonomist.ch/2022/03/07/bitcoin-and-ethereum-theft-cybercriminals-have-stolen-30-million/