Hackers trying to move Coincheck’s $530m stolen digital cash to other accounts

FOLLOWING the loss of US$530 million worth of cryptocurrency stolen last week from Japan-based Coincheck exchange in one of the biggest heists ever, the foundation behind the missing XEM coins says the hackers behind the theft were attempting to move the digital currency.

On Tuesday, Jeff McDonald of the NEM Foundation (creators of the XEM cryptocurrency), said the company has traced the stolen coins to an unidentified account, and the account owner has started moving the coins onto six exchanges where they could be sold.

Hackers made off with roughly JPY58 billion (US$533 million) worth of the cryptocurrency from Tokyo-based exchange Coincheck Inc late last week, raising fresh questions about security and regulatory protection in the booming market.

The location of the hackers’ account was not known.

“[The hackers are] trying to spend them on multiple exchanges. We are contacting those exchanges,” Singapore-based McDonald told Reuters.

NEM Foundation spokeswoman Alexandra Tinsman said the hacker had started sending out XEM coins to random accounts in 100 XEM batches, worth about US$83 each.

“When people look to launder these types of funds, they sometimes spread it into smaller transactions because it’s less likely to trigger (exchanges’) anti-money laundering (mechanisms),” said Tom Robinson, co-founder of Elliptic, a cryptocurrency security firm in London.

Robinson said that hopping cryptocurrencies was becoming more prevalent among cybercriminals trying to cover their tracks.

The coins that the hackers had taken made up around 5 percent of the total supply of XEM, the world’s 10th biggest cryptocurrency, according to trade website Coinmarketcap.

McDonald said the hackers were unlikely to try to spend all of the stolen cryptocurrency in one go, because the “market simply couldn’t absorb that much”.

If the hackers successfully moved the coins to an exchange, they were likely to try to swap them into another cryptocurrency before transferring the coins back into a conventional currency, he said. That would make the funds difficult or nearly impossible to trace.

“I would assume that they are going to get away with some of the money,” McDonald said.

Why are cryptocurrencies vulnerable to hacks?

ABC News (via the AP) quoted Simon Choi, director at anti-virus software company Hauri Inc, as saying that while a blockchain can be secure, the exchanges that are crucial in increasing the amount of crypto trading do not use the same technology.

“If security on the exchanges’ is not secure, their currencies can be stolen,” Choi said.

“If the exchanges are to play their intermediary role, they should be as safe as banks and strengthen their security.”

Crypto-hopping

At least three dozen heists on cryptocurrency exchanges since 2011 are known; many of the hacked exchanges later shut down. More than 980,000 bitcoins have been stolen, and few have ever been recovered.

In 2014, Tokyo-based Mt. Gox, which once handled 80 percent of the world’s bitcoin trades, filed for bankruptcy after losing bitcoins worth around half a billion dollars – then the biggest ever such heist, which triggered a huge sell-off in bitcoin.

“It shows how far the industry has come that a hack of this scale isn’t really an issue,” said Robinson at Elliptic. “This is just kind of a blip.”

As of 17:44 GMT, XEM was trading at around US$0.83 per coin, with a total market value of around US$7.5 billion. That was around 20 percent lower than trading levels on Friday, when the hack was announced, but XEM is still up almost 300 percent over the past two months.

Japan’s Financial Services Agency (FSA) on Monday ordered improvements to operations at Coincheck, which on Friday suspended trading in all cryptocurrencies except bitcoin.

Additional reporting by Reuters

---

---

---