Crypto.com Hacked by Scattered Spider Group

Crypto.com Confirms Security Incident

A recent report revealed that Crypto.com had been targeted by the notorious hacker group Scattered Spider. While only a small number of users were affected and no funds were lost, the incident drew significant attention due to its link with a wider string of large-scale attacks worldwide.

CEO Kris Marszalek emphasized on X (formerly Twitter) that accusations of “failing to disclose the breach” were completely unfounded. He stated that the company had filed a data security report with the relevant authorities immediately when the incident occurred, and that the situation was brought under control within a few hours.

Scattered Spider Hackers and Their Tactics

Investigations revealed that the breach was initiated by Noah Urban, a 20-year-old member of Scattered Spider. Urban used social engineering techniques by impersonating staff to trick employees into providing internal login credentials.

Along with his accomplices, the group managed to collect sensitive personal data from some customers. They also carried out similar campaigns targeting over 200 companies across sectors including telecommunications, gaming, and retail. Common techniques employed by the group included SIM swapping, phishing, and exploitation of stolen data.

Sentencing and Consequences

Urban was indicted in late 2024, pled guilty in April 2025, and was recently sentenced to 10 years in prison, along with additional supervised release. Authorities also seized $4.8 million worth of crypto from his personal devices and ordered $13 million in restitution to more than 30 victims out of at least 59 affected across the U.S.

Impact on Crypto.com and Its Users

Although the incident did not cause any direct financial losses for customers, it underscored the risks posed by employee-targeted scams—often the weakest link in cybersecurity frameworks.

Crypto.com has reaffirmed its commitment to strengthening security processes and working closely with blockchain auditing firms to prevent similar incidents in the future.

Conclusion

The Crypto.com case clearly demonstrates that cybersecurity in crypto is not just about technology, but also about human factors. For investors, this is a reminder to protect personal information, stay alert against phishing, and prioritize platforms with transparent risk management practices.

Disclaimer: The content above reflects the author’s personal views and does not represent any official position of Cobic News. The information provided is for informational purposes only and should not be considered as investment advice from Cobic News.