Crypto.com, one of the most popular cryptocurrency exchange services, suspended the ability to withdraw funds for several hours and then asked users to reset two-factor authentication.

We have a small number of users reporting suspicious activity on their accounts. We will be pausing withdrawals shortly, as our team is investigating. All funds are safe. Crypto.com (@cryptocom) January 17, 2022

“We have a small number of users reporting suspicious activity on their accounts. We will suspend withdrawals shortly while our team investigates. All funds are safe,” Crypto.com said yesterday. Withdrawals were suspended for around 14 hours, when Crypto.com announced that it had reactivated them and had to clear up some backorders.

Meanwhile, the company has informed users about the need to log in again in their accounts and to reset the two-factor authentication mechanism. In the replies to the Tweet shared by Crypto.com, some users complained about the presence of outgoing transactions that were not carried out, but which subtracted from their accounts amounts in the order of a few thousand dollars.

The most worrying aspect, however, is the fact that unauthorized transactions would also have occurred on some accounts with active two-factor authentication, particularly that it could indicate a more serious problem and not simply a brute-force or credential stuffing attack.

The @cryptocomloss is about $ 15M with at least 4.6K ETHs and half of them are currently being washed via @TornadoCashhttps://t.co/PUl6IrB3cp https://t.co/6SVKvk8PLf

pic.twitter.com/XN9nmT857j PeckShield Inc. (@peckshield) January 18, 2022

However, the yellow on what happened remains: the blockchain analysis company PeckShield has in fact declared on Twitter that, observing the transactions on the blockchain, Crypto.com would have suffered a total theft of 4600 ETH, equal to approximately 15 million dollars.

Some thoughts from me on the last 24 hours: – no customer funds were lost

– the downtime of withdrawal infra was ~ 14 hours

– our team has hardened the infrastructure in response to the incident We will share a full post mortem after the internal investigation is completed. Kris | Crypto.com (@Kris_HK) January 18, 2022

The company, via a tweet from the CEO Kris Marszalek, denies that user funds have been stolen and that he will share further information once the internal investigation is completed.