A Tokyo cybersecurity firm has confirmed that nearly all of the USD 550 million worth of NEM cryptocurrency (XEM) stolen in a January 2018 heist has been moved on the dark web. The funds were initially stolen through Japanese cryptocurrency exchange platform Coincheck, in the form of 500 million NEM tokens.
The tokens were tracked by cybersecurity firm Takayuki Sugiura of L Plus. As reported by Nikkei, the firm tracked the tokens through their online transaction record to a website set up on the dark web, maintained to trade the stolen currency for alternative virtual coins. The website was estimated to have been set up around 7 February, but due to the highly anonymous nature of the dark web, the identity of the perpetrators could not be tracked.
Where does the investigation stand?
By the middle of March, the website appeared to show 50% of the stolen currency had been exchanged with unknown buyers. This led the non-profit foundation to give up their tracking of the stolen tokens. The team provided by the Tokyo police department of around 100 investigators continued their inquiry.
The results of the investigation show the virtual currencies received in exchange for the stolen NEM were saved in a number of different online wallets. Some of the wallets stored up to several million dollars in Bitcoin. Investigators believe the cryptocurrencies will be cashed out for fiat currency in the near future, using overseas exchange platforms that do not carry out thorough identity checks.
As of last Thursday evening, the website initially set up on the dark web displayed zero balance of NEM tokens, indicating they were all successfully moved.
What this means for crypto companies
Hacking perpetrated against Japan’s traditional banks’ online services is down both in volume and number in the last several years. This signals that those planning online heists may be targetting the emerging market of cryptocurrencies. During an initial coin offering (ICO) of a cryptocurrency startup, the financial investment in security measures protecting customers may be lower than that traditional banks can provide.
In order for cryptocurrency trading platforms to maintain a solid reputation for security, know-your-customer (KYC) and ID checks should be standard. Traders are not recommended to use exchange platforms that do not request proof of identification.
Coincheck refunded users who suffered from the security breach on 12 March in Japanese Yen.