A third-party blockchain research company, OXT Research, has uncovered a loss of 444 BTC in addition to the 4,600 ETH already attributed to the recent Crypto.com hack.
The recent hack of Crypto.com saw 4.6K ETH (~$15M) stolen, according to Peckshield. BeInCrypto recently reported losses of 2-5 ETH for several users, and the Twittersphere was in an uproar. The alleged hacker laundered the heist proceeds via Tornado Cash, a mixing tool that masks the link between source and destination funds. The funds were moved on Jan. 18, 2022, in 48 deposits of 100 ETH and three deposits of 10 ETH to Tornado Cash.
Now an anonymous on-chain analyst, @ErgoBTC, working for OXT Research, has uncovered a larger heist totaling closer to $33M. Shortly after the heist, the CEO of Crypto.com said that no user funds were stolen. It does now appear that a further $18.5M worth of BTC was removed from Crypto.com’s payout
OXT Research identified a 52.55 BTC payout from a Crypto.com hot wallet. Following this, a number of withdrawals were executed in batches of four transactions of 67.55 BTC each. These withdrawals, totaling 271 BTC, were sent to a bitcoin tumbler suspected of connections with the North Korean cybercrime syndicate the Lazarus Group. A further 173 BTC was not sent to a tumbler but was transferred, at the same time as the hack, to an address associated with it, and appears to be part of the heist. The total loss of BTC is thus believed to be 444 BTC.
CEO still adamant that user funds are safe
The CEO of Crypto.com continues to reassure customers that none of their funds were lost, but many have taken to Twitter to express their frustration and allege that they experienced some loss. Withdrawals were down for approximately 14 hours, and the company said that “the team has hardened the infrastructure in response to the incident.” An announcement was made at 5:42 PM on Jan. 17, 2022, that withdrawals had come back online. The CEO has also said that the company is conducting a full investigation and will release a postmortem once it is complete. It is unclear at this point how the attack was executed.
Lazarus group notoriety
BeInCrypto recently reported that the Lazarus Group, which used the same tumbler as the Crypto.com hack, was responsible for the theft of over $400M in 2021. The United States believes that the Lazarus Group is controlled by North Korea's Reconnaissance General Bureau. It is thought that the group used phishing, code vulnerabilities, and sophisticated social engineering attacks to steal the funds.