Crypto.com Hack Exposes Shortcomings of Multi-Factor Authentication

An expert said the incident, which affected one of the largest crypto trading platforms in the market, shows the importance of using multiple layers of security and highlights other measures financial institutions can take to fend off a hack.

According to the company, unauthorized transactions totaled 4,836.26 Ethereum (roughly $15.5 million as of early last week), 443.93 Bitcoin (roughly $19 million) and approximately $66,200 in other cryptocurrencies. Company CEO Kris Marszalek told Bloomberg two days later that, given the size of the business, “these numbers are not particularly material.”

The Singapore-based cryptocurrency exchange app is a private company and does not publicly disclose financial statements. Marszalek told TechCrunch in 2018 it had close to $200 million on its balance sheet, and a Los Angeles Times report said a deal last year to rename the Los Angeles Lakers’ home stadium the Crypto.com Arena cost about $700 million.

“Unfortunately, security breaches continue to happen throughout the industry,” said Zilvinas Bareisis, head of retail banking for consulting firm Celent. “Once it did happen, it looks like Crypto.com did a number of things right.” Among the things Bareisis said Crypto.com did right was suspending withdrawals across the platform until the company addressed the security hole. He also said that reimbursing customers who were affected was “the right thing to do even though it left the company out of pocket.”

Crypto.com did not specify how many unauthorized withdrawals it prevented or how much it paid in reimbursements. Its Jan. 20 postmortem said only that it prevented unauthorized withdrawals “in the majority of cases” and provided reimbursements “in all other cases.” A company spokeswoman declined to provide further clarification on the matter.

One problem leading to the attack last week appeared to be a gap in the company’s multi-factor authentication system. The Jan. 20 statement said “transactions were being approved without the 2FA authentication control being inputted by the user.” In other words, Crypto.com apparently provided one-time passwords — these are usually six-digit codes provided via text message or in a multi-factor authentication app — to affected users after hackers initiated a transaction from their compromised account. However, the company mistakenly allowed the transactions to go through without the users providing the one-time password. The company did not specify whether hackers intercepted one-time passwords, whether Crypto.com’s system allowed transactions to go through without the passwords, or whether something else happened.

Regardless of how exactly hackers got in, Bareisis said a strong two-factor authentication system is helpful but “usually not sufficient” to prevent attacks. He said “other tools are needed to constantly monitor the risk,” and institutions need ways to flexibly “step up” security as needed.
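An added illustration of the two controls discussed above, not Crypto.com's code (the company did not disclose how its check was bypassed): a server-side withdrawal gate that treats a missing one-time password as a failed check, then holds risky requests for step-up even when the code is valid. The request fields, risk signals, weights and threshold are assumptions made for the example.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Optional

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1: the usual six-digit authenticator code."""
    counter = struct.pack(">Q", int(at) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

@dataclass
class Withdrawal:  # hypothetical request shape
    amount_usd: float
    address: str
    new_device: bool
    otp: Optional[str] = None  # code the user typed; None if never submitted

def otp_valid(otp: Optional[str], secret: bytes, now: float) -> bool:
    """Fail closed: a missing code is a failed check, never a skipped one."""
    if not otp:
        return False
    # Accept the current and previous 30 s window to tolerate clock drift.
    return any(hmac.compare_digest(otp.encode(), totp(secret, now - d).encode())
               for d in (0, 30))

def risk_score(w: Withdrawal, known_addresses: set) -> int:
    """Constructed signals and weights, for illustration only."""
    return (2 * (w.address not in known_addresses)
            + 2 * w.new_device
            + (w.amount_usd >= 10_000))

def authorize(w: Withdrawal, secret: bytes, known_addresses: set, now: float) -> str:
    # The 2FA check sits in the server-side approval path itself, so no
    # client flow or API route can reach APPROVE without passing it.
    if not otp_valid(w.otp, secret, now):
        return "DENY_2FA"
    # A valid code is necessary but not sufficient: risky requests are held
    # for step-up (a delay or extra confirmation) instead of being approved.
    if risk_score(w, known_addresses) >= 3:
        return "HOLD_STEP_UP"
    return "APPROVE"
```

A production gate would also reject reuse of an already accepted code and rate-limit attempts, which this example leaves out.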
