Regardless of its size, no centralized cryptocurrency corporation is immune to hacking or theft.
Even Crypto.com was hacked, resulting in the loss of 4,600 Ether. Some of those funds are now being laundered through the Tornado Cash Ethereum mixer, causing market volatility.
Several users have confirmed that cash from their wallets has been taken in recent days. While the business argues that this only impacts a “limited number of users,” it has compelled Crypto.com to halt all platform withdrawals.
Even more troubling is the fact that several of the impacted customers had two-factor authentication enabled, but it wasn’t enough to keep their accounts safe.
According to on-chain statistics, the $15 million in ether (4,600 ETH) stolen from Crypto.com in Singapore is presently being laundered through Tornado Cash, an Ethereum Mixer.
Tornado Cash is an ETH aggregator protocol that aims to increase transaction privacy by masking with the anon link between its source and destination.
Crypto.com Loses 4,600 ETH
4,600 Ether has been taken, and it appears that the funds are making their way through the Tornado Cash Ethereum mixer. Tornado Cash, for the unversed, lets users improve their anonymity by hiding on-chain relationships between the source and recipient of payments moved through it.
In a previous interview with CoinDesk, Tornado Cash co-founder Roman Storm stated that the system works with regulators to alleviate their concerns. Tornado Cash V2 contains a cryptographic notation in the ether sent over its pipes transaction history that can be used to determine fund provenance.
“We’re in a unique circumstance [in comparison to other mixer wallets].” “I believe it is critical for us to become compliant,” Storm previously told CoinDesk. “We do what we believe to be the correct thing to do.”
Many unsettling concerns must be answered when occurrences like these occur. In theory, bypassing 2FA is difficult unless it is an inside job or the user is the victim of a SIM Swap assault. Unfortunately, it does not appear that any of the impacted customers have chosen the latter choice. That doesn’t rule out the possibility of an inside job, as all monies were taken from the hot wallet rather than cold storage.