Japanese cryptocurrency exchange , one of the largest in the , was the victim of a resulting in a loss of 523 mln NEM coins, worth approximately $534 mln.
The coins were stolen via several unauthorized transactions from a hot wallet at 3:00 am local time on Friday, Jan. 26.
Following the hack, the Coincheck exchange has hosted a , attended by Cointelegraph’s , to provide the details of what has happened and what’s coming next.
NEM stored on hot wallet, private key stolen
The hack only involved NEM. No other cryptocurrencies, including (XRP), were stolen, contrary to the earlyreports .
According to the exchange’s representatives, the hackers have managed to steal the private key for the hot wallet where NEM coins were stored, enabling them to drain the funds.
All the stolen money belonged to the customers of the exchange. The ‘inappropriate’ movement of the funds was reported by Coincheck to Japan’s , as well as the police later on the same day.
Shortly after the breach, the company from the site, hoping to stop any further damage to its funds. When asked whether they will begin allowing “at least” fiat currency withdrawals soon, Coincheck replied that that will be done after they have determined the best way to proceed.
It has come to light that the funds were being stored on a simple hot wallet rather than a much more .
Coincheck’s representatives have claimed that the security setup differs between various coins on the exchange.
Other cryptocurrencies on the site are currently stored in multisig wallets, but the NEM was not. When pressed by the media, the company insisted that “security standards were not low,” however the lack of multisig protection for NEM may indicate the opposite.
The company made clear that they use various wallet types for housing different assets. Specifically, and are stored in cold storage wallets, with bitcoin additionally having a multisig address. Ether, “given its nature,” is not stored on a multisig wallet.
According to their statement, more than half of Coincheck’s 80 permanent employees work on security systems.
What comes next?
Going forward, Coincheck claimed that it knows the address where the stolen NEM is currently being stored by the hackers, and is hoping to be able to track the culprits.
While the company cannot currently disclose how many users were affected, they have expressed a desire to refund all the money that was lost.
When asked whether they are going to resume operations or will have to declare bankruptcy, Coincheck said that ‘in principle’ they plan to keep operating.
While the exchange has expressed a desire to refund all lost funds, they nevertheless are still considering how to approach the situation. Per the press conference, the “worst-case scenario” would be that the funds can never be returned.
When asked whether they have any words for the customers, Coincheck representatives have said that they “deeply regret” what happened.
Published at Fri, 26 Jan 2018 18:35:11 +0000
bitcoin Scams[wpr5_ebay kw=”bitcoin” num=”1″ ebcat=”” cid=”5338043562″ lang=”en-US” country=”0″ sort=”bestmatch”]
