Massive cryptocurrency heist spurs calls for more regulation

[Flash]

At 2:57 a.m. on Friday morning in Tokyo, someone hacked into the digital wallet of Japanese cryptocurrency exchange Coincheck Inc. and pulled off one of the biggest heists in history.

Three days later, the theft of nearly $500 million in digital tokens is still reverberating through virtual currency markets and policy circles around the world.

“The latest theft will have two immediate effects: more regulation by authorities over exchanges and more recognition of the advantages offered by decentralized ways of trading,” said David Moskowitz, co-founder of Indorse Pte in Singapore, which runs a social network for blockchain enthusiasts.

The Coincheck heist adds to a long list of thefts at cryptocurrency exchanges and wallets, stretching back to the robbery of Tokyo-based Mt. Gox in 2014. As prices of digital assets have soared, the platforms have become increasingly juicy targets for hackers.

Coincheck, one of Japan’s biggest cryptocurrency exchanges, will use its own capital to reimburse customers who lost money in the theft, according to a statement posted on its website Sunday. The exchange — whose shareholders include 27-year-old Chief Executive Officer Koichiro Wada, Chief Operating Officer Yusuke Otsuka and two investment firms — said it has been in touch with Japan’s Financial Services Authority and the Tokyo Metropolitan Police.

According to Coincheck’s account of the incident, an unidentified thief stole 523 million coins tied to the NEM blockchain project, which were trading at about 94 U.S. cents at the time of the hack. It wasn’t until around 11 a.m. on Friday morning — about eight hours after the initial breach — that Coincheck staff noticed an alert pointing to a sharp drop in their NEM coin reserves.

The thief was able to seize such a large sum in part because Coincheck lacked basic security protocols. It kept customer assets in what’s known as a hot wallet, which is connected to external networks. Exchanges generally try to keep a majority of customer deposits in cold wallets, which aren’t connected to the outside world and thus are less vulnerable to hacks.

Coincheck also lacked multi-signature, a security measure requiring multiple sign-offs before funds can be moved. While the safeguard failed to prevent a $65 million heist from Bitfinex in August 2016, NEM’s blockchain had multi-signature functions that experts say would have made the theft more difficult.

Source: Massive cryptocurrency heist spurs calls for more regulation – The Denver Post

 

[bssunilreddy]

Thieves steal 600 powerful mining PCs in Icelandic "Big Bitcoin Heist"