Stop us if you've heard this one before: Tokyo crypto-cash exchange 'hacked' for half a billion bucks

Forgot to CoinCheck themselves, have now CoinWrecked themselves

By Shaun Nichols in San Francisco

Posted in Emergent Tech, 26th January 2018 21:42 GMT

Japan-based cryptocurrency exchange CoinCheck says it has been taken for around $530m by hackers.

The Tokyo-based exchange says it is working with cops and Japan's Financial Services Agency to investigate a heist CoinCheck admits went undetected for more than eight hours.

CoinCheck believes the theft occurred Friday around 3am local time when someone was able to access its systems and transfer ownership of 500 million NEM cryptocurrency units.

The attack was reportedly only discovered at 1.30pm, at which time CoinCheck suspended trading.

The ultimate cost of the attack will be tied to the trading value of NEM. With investors selling off the cyber-dosh following the attack, prices have fallen around 10 per cent, making the pilfered coins worth slightly less on the open market.

Apparently, the 523m coins – worth about half a billion dollars for now – were stored by CoinCheck on a remotely accessible hot wallet at the time of the computer security breach. The thieves were able to obtain the wallet's private key and move the currency out without setting off any alarms.

Describing itself as the "Leading Bitcoin and Cryptocurrency Exchange in Asia," CoinCheck allows its users to trade in more than a dozen various virtual currencies, including NEM.

The security blunder will for many cryptocurrency speculators bring back unpleasant memories of the 2014 MtGox collapse. Like CoinCheck, MtGox was a Tokyo-based cryptocurrency exchange that was said to have lost hundreds of millions of dollars worth of virtual currency. Cleanup from that incident took years and remains a point of contention.

The staff of CoinCheck – and the exchange's users – are hoping this incident will have a better outcome. Japan's FSA notes that it has jurisdiction over the exchange, as CoinCheck had applied with it for a license last fall. ®

Sign up to our NewsletterGet IT in your inbox daily

70 Comments

More from The Register

NSA hacking chief's mission impossible: Advising White House on cybersecurity

Rob Joyce is heading to US National Security Council

China's cybersecurity law grants government 'unprecedented' control over foreign tech

Relinquish your IP or lose one of the world's largest markets

SEC 'fesses to security breach, says swiped info likely used for dodgy stock-market trading

EDGAR database a veritable goldmine of financial tips

Teach citizens IoT dangers, engineering students cybersecurity, Uncle Sam suggests

Govt also worried about IPv6's impact on online security

SEC sends ICO for restaurant app Munchee back to the kitchen

Rules that offering was a cryptocurrency speculation, not real attempt to fund app

Symantec appoints first cybersecurity czar to woo hacking talent

DEF CON Uber-nerd Tarah Wheeler aims to build bridges

SEC's cyber-cops cyber-file cyber-first cyber-fraud cyber-charges

Securities watchdog puts the freeze on dodgy ICO

Trump hits control-Z on cybersecurity order: No reason given for delay

Follows briefings heavy on blame, light on Russia

Blockheads changing company names to surf crypto wave get a warning from the SEC

Regulator tells lawyers told to get off the fence or face unpleasant fall

Another US government committee takes aim at Kaspersky Labs

Worries about 'espionage, sabotage, or other nefarious activities' cough - NSA! - cough