Hacks

Hackers Behind the $60 Million Zaif Crypto Exchange Hack to be Identified

Zaif Crypto Exchange Hack

Japanese digital security experts may have tracked the culprits, responsible for the recent Zaif crypto exchange hack. According to the press release, researchers at Japan Digital Design co. (JDD), subsidiary of banking and financial services giant MUFG, have gathered crucial information on the hackers that have stolen around $60 million worth of cryptocurrencies.

As Toshi Times has reported, the hack was reported on September 14th. Around $40 million worth of crypto was stolen from user hot wallets, while an additional $20 million was hacked from the company itself. Most of the losses incurred in the form of bitcoin (BTC), although some monacoin (MONA) and bitcoin cash (BCH) was also taken.

Monacoin transactions provide crucial clues

Although the press release is vague on details, it seems that MONA, a relatively unknown token, has given away the tracks of intruders. In order to identify the stolen funds, JDD threw a hackathon at the end of September, teaming up with local cybersecurity experts TokyoWestern and EL Plus.

Ledger Nano S - The secure hardware wallet

According to a rough translation by Coindesk, “In the investigation of the leaked virtual currency, remittance route has been analyzed through static analysis of the block chain, but with this effort, by deploying the virtual currency node on a large scale after the outflow of the virtual currency, we verified whether we can obtain clues such as source IP address etc. We also got useful data to grasp the accuracy of the information and the cost of tracking.“

The team added that, “Since the Monacoin began moving from October 20, we estimated the source of 5 transactions in question and provided information to the authorities concerning the characteristics of the transaction originator.“ Hopefully, the authorities can take things from here and bring the fraudsters to justice.

Victims of the crypto exchange hack promised a compensation

Zaif is operated by a company named Tech Bureau Inc., which had received two business improvement orders prior to the hack, in March and June of this year. The Japanese Financial Services Agency (FSA) also said Tech Bureau was late to report the attack and that its hack investigation and response to customers were deficient. A third business improvement order was issued following the hack and should Zaif fail to comply, FSA would consider harsher punishment, such as business suspension or business license cancellation.

Nonetheless, Zaif still plans to reimburse the hacked users. Tech Bureau has sold the exchange to a publicly listed Fisco investment company, which will handle the compensations. The deal is expected to be finalized in November 22nd.  

Photo by Soumil Kumar from Pexels