
Crypto Exchange Hack: Russian Link Found in Email Viruses

The latest findings related to the Coincheck hack that took place in January show that the hackers were Russian and not North Korean.

It is suggested that the unknown group of hackers managed to infect employees’ computers with the virus to succeed in their evil designs. One of the biggest hacks of its time, the Coincheck hack resulted in the loss of about $534 million worth of NEM. Coincheck, a Japanese cryptocurrency exchange, faced a major setback due to the loss of almost half a billion dollars.

The findings also revealed that the “Mokes” and “Netwire” viruses in particular were used to execute the hack. It was suggested that the hackers were able to install these viruses on the employees’ personal computers via email. Later, the hackers gained unauthorized access to the exchange’s private keys and carried out the hack.


As these viruses were previously utilized by Russian hackers, it was concluded that the group of hackers was of Russian origin. While investigators have been familiar with Netwire for about 12 years, Mokes was introduced eight years ago in June 2011 on a Russian forum.

During the hack, about 523 million NEM were stolen from hot wallets. It was later discovered that because the funds were in hot wallets, they weren’t secured, and that is why the hackers succeeded in obtaining the private keys for those wallets. Later, even the company itself confessed that the NEM was not stored in secured multi-signature wallets.

Coincheck Security

Explaining the methodology adopted by the exchange, the representatives of Coincheck elaborated that they had deployed different security protocols for various cryptocurrencies. They claimed that multi-signature wallets were used for other cryptocurrencies, although not for NEM. For bitcoin and Ethereum, Coincheck stated that they used cold storage wallets for storing the reserves.

Following the hack, the company decided to refund every user who had suffered losses. The exchange’s services were suspended for everyone apart from existing customers. The company reviewed its management and policies after the hack and plugged all the loopholes detected.


Due to the severe losses, Monex Group took over Coincheck as a wholly owned subsidiary. However, despite extreme losses, the company continued to make amendments and changes wherever required. Ultimately, all the users affected by the hack were refunded, and the Financial Services Authority (FSA) gave Coincheck back its license to resume operating as a cryptocurrency exchange in Japan.

Japanese Exchange Hacks

Japan has had several security breaches and hacks since the inception of bitcoin. Zaif, another cryptocurrency exchange in the country, suffered a huge blow when cryptocurrencies worth $59.7 million were stolen by hackers. As the losses were quite enormous, Fisco Digital Asset Group (FDAG) took over Zaif to recover the losses and refund the victims of the hack.

Due to several large-scale hacks in the past, several regulatory bodies in Japan have decided to take strict measures. For instance, the FSA now plays a more exclusive role in ensuring consumer protection. Moreover, the FSA also checks whether exchanges have deployed effective systems to prevent money laundering. The Japanese regulators have also changed the procedure for crypto exchanges, which are now required to obtain a license before starting their business operations.


Although blockchain, the technology behind bitcoin and other cryptocurrencies, is applauded for providing security, we frequently witness security lapses at exchanges that result in extreme damage to the image of cryptocurrencies. Recently, the widely known cryptocurrency exchange Binance lost 7,000 bitcoin due to hacking. Moreover, such lapses also give adversaries of blockchain and cryptocurrency reasons to bash these innovations.

It is not fair to lay the blame entirely on the crypto exchanges for the hacks, just as banks are not blamed when they are robbed. In reality, the practices and solutions provided by these exchanges sometimes leave a loophole which, when exploited by hackers, results in heavy losses. For example, many exchanges don’t go for cold storage, an offline storage solution where hacks are nearly impossible. Although regulators are stepping up to take measures and introduce a standard, exchanges should also give special attention to these matters and enforce precautionary measures to secure crypto funds and save the crypto space from bitter criticism.



Fatir Malik

Electrical engineer by profession, turned blockchain developer. Fatir contributes regularly with his insights about the latest developments in the fintech sector. Contact the editor at editor.opinions@blockpublisher.com
