What happened?
‘Crypto.com acknowledged that it had lost $34.65 million worth of cash, Bitcoin and Ethereum after getting ransacked in an attack that slipped fat transactions past two-factor authentication (2FA).’
‘The exchange plans to release additional end-user security features as it moves away from 2FA and on to what it called “true” multifactor authentication (MFA).’
Lisa Vaas, via https://threatpost.com shows how relying on a technology that seemed to have worked in the past gives a false sense of security:
https://threatpost.com/2fa-bypassed-crypto-com-heist/177846/
