TOKYO (TR) – The hackers who swiped 58 billion in the cryptocurrency NEM from the Coincheck exchange last week sent the digital currency to about 20 digital addresses, according to Kyodo News (Jan. 31).
In carrying out the hack, the perpetrators first sent the NEM currency to one unidentified address before it was transmitted to nine other addresses. An online record revealed that some of that currency was then sent to 10 different addresses on multiple occasions between 10:30 p.m. and 11 p.m. on Tuesday, according to the agency, which had viewed records for the case.
The Singapore-based NEM.io Foundation is working with Tokyo-based Coincheck to locate the stolen virtual currency. According to the foundation, a tagging process of the stolen currency allows it to be identifiable when traded via a regulated exchange.
The hack took place early on January 26. According to Coincheck, unauthorized access took place in its system just before 3 a.m. The access was discovered by the company at around 11:00 a.m. that same day. The company then suspended trading of NEM.
Servers in Eastern Europe
According to a previous report, sources with knowledge of the matter said that the hack was the work of persons posing as affiliated parties of Coincheck. It is possible that the perpetrators used servers in Eastern Europe and other areas.
On Sunday, Coincheck revealed that it would reimburse roughly 260,000 victims a total of 46 billion yen. The following day, the Financial Services Agency (FSA) issued a business improvement order to the exchange. The agency said the company failed to implement measures to prevent the hacking.
Coincheck’s failure was the fact that it did not isolate cryptocurrency held by customers from outside networks to prevent illegal access. In the past, the FSA raised concerns with the exchange about its protocol.
Tokyo Metropolitan Police are expected to launch a criminal investigation into the matter, local media said, citing sources familiar with the matter.