Sunday 27 May 2018

All you need to know about the €429m cryptocurrency hack in Japan

Thomas Wilson and Hideyuki Sano

The theft by hackers of roughly JPY58bn (€429.6m) from Tokyo-based cryptocurrency exchange Coincheck has raised fresh questions about security and regulatory protection in the emerging market of digital assets.

The case is among the largest heists of cryptocurrencies yet and throws up fresh question marks for investors.

WHAT IS NEM?

NEM is a cryptocurrency launched in March 2015 by a team of five developers identifying themselves as Pat, Makoto, Gimre, BloodyRookie and Jaguar.

Its acronym stands for New Economy Movement and, like other cryptocurrencies, markets itself as a digital coin outside the control of governments and central banks, which can be used for fast, global transactions.

It trails Bitcoin but is now the tenth-largest cryptocurrency, with $9bn worth of NEMs in circulation.

HOW WAS COINCHECK HACKED?

Many details are still unclear. Yusuke Otsuka, Coincheck's chief operating officer, said on Friday that around 523 million NEM coins were sent from a NEM address at Coincheck at around 3am local time.

More than eight hours later, Coincheck noticed an abnormal decrease in the balance.

Coincheck said the NEM coins were stored in a 'hot wallet' instead of a 'cold wallet'. Its President Koichiro Wada cited technical issues and a shortage of staff.

WHAT IS A HOT WALLET?

Hot wallets are connected to the internet and therefore are vulnerable to hacking.

So-called cold wallets are devices which can be as small as a USB stick and can be stored offline. Some keep them in a safe.

HOW ARE CRYPTO EXCHANGES REGULATED IN JAPAN?

Japan's government in April recognised Bitcoin as a legally-accepted means of payment, and required exchange operators to register with the financial regulator.

That came in the wake of the 2014 collapse of Tokyo-based Mt Gox, then the world's largest Bitcoin exchange and was designed to protect consumers and clamp down on illegal use of cryptocurrencies.

Japan's Financial Services Authority had approved the registration of 16 Japanese cryptocurrency exchanges.

A further 16 or so exchanges that were operating before the regulation was introduced - including Coincheck - have been allowed to continue operating on a provisional basis as their applications are assessed.

CAN STOLEN NEMs BE TRACED?

The NEM.io Foundation, a Singapore-based organization supporting NEM blockchain technology, says it has a full account of the whereabouts of Coincheck's hacked NEM, tracing the currency on the blockchain shared ledger.

The hacker has not moved any of the funds, the foundation said in a statement posted to the Medium publishing site, adding it would create an automated tagging system within two days to follow the coins and identify any account which receives them.

It is unclear how the holders would be identified.

HOW CAN INVESTORS AVOID BEING HACKED?

Bitcoin evangelists recommend steering clear of centralised exchanges, arguing that the whole point of decentralised currencies was to not hand over control to third parties. (Reuters)

Irish Independent

Business Newsletter

Read the leading stories from the world of Business.

Also in Business