Crypto.com breach may be worth up to $33M, suggests onchain analyst

Published at: Jan. 19, 2022

Onchain analyst claims that Crypto.com's loss in the latest security breach might have been worth more than the reported $15 million.

ErgoBTC, a pseudonymous on-chain analyst at Bitcoin (BTC) research firm OXT Research, claims that the Crypto.com security breach, which was said to have resulted in the loss of 4.6K ETH ($15 million), may be worth up to $33 million.

Adding another 444 BTC to the previously reported 4.6k ETH from yesterday's @cryptocom hack. Still no acknowledgement of loss, despite large outflows from the custodial wallet into ETH's Tornado Cash and a well known BTC tumbler (as detailed below). pic.twitter.com/GalJKM6bi9

— ∴Ergo∴ (@ErgoBTC) January 18, 2022

On Monday, reports emerged that Crypto.com had halted withdrawals "after a small number of users" experienced suspicious transactions on their accounts. The cryptocurrency exchange has since resumed withdrawals and confirmed that its users' money was 'safe,' but reports emerged later that it had lost 4.6K ETH ($15 million), which was being laundered using Tornado Cash.

ErgoBTC tweeted on Tuesday suggesting that another 444 BTC ($18.5 million) had been stolen from Crypto.com's payout wallet. ErgoBTC said that OXT Research discovered a suspicious transaction of 52.55 BTC ($2.18 million) from Crypto.com's custodial wallet.

Following the transaction, “several hundred withdrawals” were made, which were then combined into four outputs worth 67.75 BTC ($2.81 million) each, as per ErgoBTC. The four batches amounted to 271 BTC ($11.25 million), all of which were laundered via a Bitcoin tumbler, a service that allows customers to combine several transactions and make it more difficult for investigators to trace Bitcoin transfers.

The Bitcoin tumbler allegedly used by the perpetrators to wash the 271 BTC is a well-known tool employed by the North Korean cybercrime syndicate, Lazarus, according to ErgoBTC's tweet.

According to ErgoBTC, the criminals behind the Crypto.com security breach also controlled another address holding 172.9 BTC ($7.25 million). Blockchair data reveals that the address received the funds at about the same time as the other transactions linked to the Crypto.com hack. However, as of the publishing of this article, the purported hacker has not transferred the funds through a bitcoin tumbling service yet.


At the time of publishing, Crypto.com is yet to acknowledge any losses. Cointelegraph reached out to Crypto.com for more details regarding its decision to halt withdrawals, but did not receive a response as of publishing time. This article will be updated pending new information.
