How did hackers bypass 2FA during the $35 million Crypto.com hack?
As the dust settles on the recent Crypto.com hack, observers wonder how thieves managed to crack security procedures to steal millions in crypto.
Crypto.com has not released precise details on how hackers managed to bypass security, but the incident raises doubts about the effectiveness of two-factor authentication (2FA).
Crypto.com targeted in $35 million hack
Last week, Crypto.com CEO Kris Marszalek said an “unauthorized activity” event had occurred. At the time, he reported no user funds were lost during the incident.
Crypto.com shut down withdrawals and began investigating suspicious activity to combat the breach. Full service was then resumed within 14 hours.
Despite initial claims that no user funds were lost, users and third parties, including blockchain security firm PeckShield, said unauthorized withdrawals had happened.
Since then, following its investigations into the matter, Crypto.com has released a report of its findings. It shows hackers managed to steal around $35 million of cryptocurrency, mainly consisting of Ethereum. The firm was keen to stress that affected users were reimbursed for their losses.
“The incident affected 483 Crypto.com users.
Unauthorised withdrawals totalled 4,836.26 ETH, 443.93 BTC and approximately US$66,200 in other cryptocurrencies.”
The report added that hackers were able to get withdrawals approved without 2FA codes being inputted by the user.
“risk monitoring systems detected unauthorized activity on a small number of user accounts where transactions were being approved without the 2FA authentication control being inputted by the user.”
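One way to express the check the report describes, flagging approved withdrawals that have no matching 2FA verification. This is an added example, not Crypto.com's code: the event schema, the five-minute window and the rule that one verification covers one approval are assumptions, and the events are constructed.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)  # assumed policy: a 2FA check stays valid for 5 minutes

# Constructed audit events: (timestamp, user, session, event type, transaction id).
# The schema and all values are hypothetical.
EVENTS = [
    ("2000-01-01T00:40:05", "u1", "s1", "2fa_verified", None),
    ("2000-01-01T00:40:30", "u1", "s1", "withdrawal_approved", "tx-100"),
    ("2000-01-01T00:41:10", "u1", "s1", "withdrawal_approved", "tx-101"),  # reuses the check
    ("2000-01-01T00:46:00", "u2", "s9", "withdrawal_approved", "tx-102"),  # no 2FA at all
    ("2000-01-01T00:50:00", "u3", "sA", "2fa_verified", None),
    ("2000-01-01T00:50:20", "u3", "sB", "withdrawal_approved", "tx-103"),  # other session
    ("2000-01-01T01:00:00", "u4", "s4", "2fa_verified", None),
    ("2000-01-01T01:20:00", "u4", "s4", "withdrawal_approved", "tx-104"),  # stale check
]

def find_unverified_withdrawals(events, window=WINDOW):
    """Return {tx_id: reason} for approvals not backed by a fresh, unused 2FA check."""
    pending = {}  # (user, session) -> time of the latest unconsumed 2FA verification
    flagged = {}
    for ts, user, session, kind, tx in sorted(events, key=lambda e: e[0]):
        when = datetime.fromisoformat(ts)
        key = (user, session)
        if kind == "2fa_verified":
            pending[key] = when
        elif kind == "withdrawal_approved":
            # Consume the verification so it cannot back a second approval.
            verified_at = pending.pop(key, None)
            if verified_at is None:
                flagged[tx] = "no unused 2FA verification in this session"
            elif when - verified_at > window:
                flagged[tx] = "2FA verification too old"
    return flagged

if __name__ == "__main__":
    for tx, reason in find_unverified_withdrawals(EVENTS).items():
        print(tx, "->", reason)
```

The same rule is stronger when enforced at approval time, so the withdrawal is refused rather than flagged afterwards.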
Is two-factor authentication safe?
2FA is a security system that requires two separate, distinct forms of identification to access an account or approve an action. It is meant to stop unauthorized activity even if the account password is compromised.
There are various types of 2FA, including single-use codes sent by SMS to a phone and time-based one-time passwords generated by a phone authentication app.
While 2FA seems secure at face value, it is not infallible for many reasons. To begin with, hackers can still gain account access through phishing attacks, account recovery procedures, and malware.
There is also the issue of intercepted SMS codes. Attackers can do this by tricking phone networks into transferring the victim’s number to a new SIM card.
Although phone authentication apps are more secure than SMS codes, reports exist of malware copying and sending codes to hackers.
Crypto.com did not go into detail on how hackers managed to bypass 2FA. It’s unknown whether the fault lies with 2FA or a flaw in Crypto.com’s security protocol regarding 2FA.
Nonetheless, enabling and using 2FA remains good practice.
The post How did hackers bypass 2FA during the $35 million Crypto.com hack? appeared first on CryptoSlate.