Enlarge image
Promotes Crypto.com: Matt Damon
Photo: Vianney Le Caer / dpa
»Fortune favors the brave« is the currently ubiquitous advertising slogan of Crypto.com - »Fortune favors the brave«. For the campaign with Hollywood star Matt Damon, the Singapore-based trading platform for cryptocurrencies and NFTs has already received plenty of deserved ridicule. The commercial equates a "bold" investment in bitcoin and blockchain ownership certificates for digital monkeys with historical, lethal aerospace pioneering feats, among other things.
This week, the advertising slogan sounds inappropriate in a completely different way. Crypto.com, one of the largest marketplaces of its kind in the world, has admitted 483 of its customers have been hacked after days of beating around the bush. A total of 4836.26 ethers and other cryptocurrencies worth $66,200 were stolen during the digital robbery. Ether and by-catch are worth more than $33 million in total. So luck helps criminals too?
In any case, those affected have known since Monday at the latest that something is wrong with Crypto.com.
Not just because they could see it in transactions they didn't initiate.
But also because Crypto.com announced that it would block all withdrawals “soon” because “a small number of users had reported suspicious activity in their accounts”.
But all deposits are safe, it said, even when Crypto.com logged out and forced all users to reset their two-factor authentication.
We apologize for the inconvenience, "but safety comes first".
For the CEO "obviously a great lesson"
First of all, however, came the thieves.
The blockchain analysis company PeckShield reported on Tuesday that at least 4,600 ethers worth $15 million were stolen and large parts of them were immediately washed in a so-called mixer in order to obfuscate further transactions.
But shortly afterwards there were the first reports that the damage was at least twice as high.
Crypto.com CEO Kris Marszalek announced on Tuesday that "no customer deposits were lost," which of course those affected saw very differently until Crypto.com replaced their losses.
Luck in disguise, or as »ZDNet« puts it: »Fortune favors the breached«, luck helps the hacked.
Marszalek only admitted the approximate extent of the hack in an interview with Bloomberg on Wednesday evening. There were "about 400" victims, all were compensated and the whole thing was "obviously a great lesson". In view of the size of the company, the amount of damage was "not particularly significant".
Now the platform operators have published a blog post about the incident.
However, it does not say exactly what the vulnerability was that the perpetrators were able to exploit.
Crypto.com only announced that transactions could be approved without being asked for a second factor of authentication.
The platform calls the theft "unauthorized takeoff," with "the majority of cases prevented."
The company also reiterates that "no customers have experienced a loss."
Crypto.com seems to define "experienced" as creatively as it does "brave".
After all, the platform is not alone.
At least three other cryptocurrency and NFT trading venues have been compromised since the beginning of the year – not counting frauds initiated by such providers themselves.
Today is January 20th.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/MHGXPOLQYQNCEWO3X4B45KQDNA.jpg)
