Crypto.com has stopped withdrawals on the platform for a few hours to investigate suspicious withdrawals. Supposably, the stolen funds have then been laundered through the Ethereum coin mixer, Tornado Cash.
Crypto.com suspends withdrawals
On January 17, a new threat has been detected on one of the most popular cryptocurrency exchanges. According to the official Crypto.com Twitter account, the platform disabled withdrawals for all users, to investigate a suspicious activity reported by a group of users.
We have a small number of users reporting suspicious activity on their accounts.
— Crypto.com (@cryptocom) January 17, 2022
We will be pausing withdrawals shortly, as our team is investigating. All funds are safe.
While the exchange didn’t give many details about the “unauthorized activity” that has been reported, it did mention that all funds are safe and that this is a mere safety precaution.
The exchange sent out an update several hours later advising users to sign back in and reset their two-factor authentication (2FA). A few hours later, at 4 pm UTC time, CEO Kris Marszalek tweets that final checks and that withdrawals will be resumed within the next 30-60 minutes.
At around 5:40 pm UTC, Crypto.com announced that users can now withdraw their funds and that all funds are safe, but some delays can be expected.
While safety is a big concern to custodial cryptocurrency exchanges, including Crypto.com, many investors are suspicious when it comes to such news. During periods of high volatility, crypto exchanges are known to suspend withdrawals or other services when there is a spike in demand. One such instance was in November 2021 when Binance stopped all crypto withdrawals because of a large backlog.
Were funds stolen from Crypto.com?
Dogecoin founder, Billy Markus, was the first to notice on-chain suspicious activity. In fact, there was a pattern in transactions with one wallet receiving multiple transactions. He also asked if the funds were secure and if it was an internal job.
While Crypto.com claims that all funds are secure, many users dispute this claim.
Ben Baller, a crypto enthusiast and famous jeweller, claimed his account was hacked and 4.28 ETH (~$15,000) were stolen. The theft occurred despite the fact that he had a 2-factor authentication. Others have had the same experience and many pointed out that they lost part of their assets from their Crypto.com accounts.
The users have claimed to be missing digital assets from their accounts, including Shiba Inu, Dogecoin, Ether and Bitcoin. Users also noted that even though withdrawals were halted, assets were still disappearing and transactions were being processed.
Customer support has been contacted by a user who claimed that he lost his Bitcoin during the event. However, the exchange has yet to confirm that some users were affected by the incident.
But none of the official channels mentioned anything about this and Crypto.com underlined that all funds remain safe but has introduced new procedures to increase security for all accounts. Users will now need to sign back into the Crypto.com App or Exchange accounts and reset their 2FA.
Crypto stolen from Crypto.com is laundered via Tornado Cash
According to on-chain data, the $15 million worth of ether (4600 ETH), stolen from Singapore-based cryptocurrency exchange Crypto.com, is currently being laundered by Tornado Cash, an Ethereum Mixer.
Tornado Cash, an Ethereum mixer protocol, was launched in 2020 and is a service that promises to increase transaction privacy by obscuring any on-chain link between source and receiver of ether. Mixer protocols or cryptocurrency tumblers are sometimes used to conceal identities. However, they are also used to launder funds related to organized crime.
Peck Shield first noticed on-chain data suggesting that the 4,600 ether is being sent through a mixer in batches of 100.
Roman Storm, Tornado Cash’s co-founder, previously stated that the protocol works with regulators. Tornado Cash V2 includes a cryptographic notice in the transaction history for ether sent through its pipes. This note can be used to establish fund provenance. Storm stated that it was very important for us to comply with the regulations and that they’re different from other crypto mixers – “We do what feels right.”
It has been speculated that the total value of lost funds is around $15 million, but some speculated that it’s probably much more. However, some of the funds seem to have found their way back to their owners.
We’ll probably have to wait and see if all was a big coincidence or if Crypto.com account really did get scammed.