Emergent Tech

Stop us if you've heard this one before: Tokyo crypto-cash exchange 'hacked' for half a billion bucks

Forgot to CoinCheck themselves, have now CoinWrecked themselves

By Shaun Nichols in San Francisco


Japan-based cryptocurrency exchange CoinCheck says it has been taken for around $530m by hackers.

The Tokyo-based exchange says it is working with cops and Japan's Financial Services Agency to investigate a heist CoinCheck admits went undetected for more than eight hours.

CoinCheck believes the theft occurred Friday around 3am local time when someone was able to access its systems and transfer ownership of 500 million NEM cryptocurrency units.

The attack was reportedly only discovered at 1.30pm, at which time CoinCheck suspended trading.

The ultimate cost of the attack will be tied to the trading value of NEM. With investors selling off the cyber-dosh following the attack, prices have fallen around 10 per cent, making the pilfered coins worth slightly less on the open market.

Apparently, the 523m coins – worth about half a billion dollars for now – were stored by CoinCheck on a remotely accessible hot wallet at the time of the computer security breach. The thieves were able to obtain the wallet's private key and move the currency out without setting off any alarms.

Describing itself as the "Leading Bitcoin and Cryptocurrency Exchange in Asia," CoinCheck allows its users to trade in more than a dozen various virtual currencies, including NEM.

The security blunder will for many cryptocurrency speculators bring back unpleasant memories of the 2014 MtGox collapse. Like CoinCheck, MtGox was a Tokyo-based cryptocurrency exchange that was said to have lost hundreds of millions of dollars worth of virtual currency. Cleanup from that incident took years and remains a point of contention.

The staff of CoinCheck – and the exchange's users – are hoping this incident will have a better outcome. Japan's FSA notes that it has jurisdiction over the exchange, as CoinCheck had applied with it for a license last fall. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

US elections watchdog says it's OK to spend surplus campaign cash on cybersecurity gear

Congresscritters now have one less excuse for getting pwned

CISA's Palace: Congress backs new cybersecurity nerve-center for cyber-America's cyber-future

CISA heads off for Trump's signature – no, not that CISA, the good one

Jeep hacking lawsuit shifts into gear for trial after US Supremes refuse to hit the brakes

Owners claim security vulns have damaged resale price

US government charges two Chinese spies over jet engine blueprint theft

China says case is full of hot air

German cybersecurity chief: Anyone have any evidence of Huawei naughtiness?

We won't be having a word with local firms until then

NSA hacking chief's mission impossible: Advising White House on cybersecurity

Rob Joyce is heading to US National Security Council

DEF CON plans to show US election hacking is so easy kids can do it

DEF CON Exploit contest opened for tykes – meanwhile, Republicans kill new funding for election security

Former NSA top hacker names the filthy four of nation-state hacking

DEF CON Carefully omits to mention the Land of the Free

China's cybersecurity law grants government 'unprecedented' control over foreign tech

Relinquish your IP or lose one of the world's largest markets

Uncle Sam fingers two Chinese men for hacking tech, aerospace, defense biz on behalf of Beijing

Pair on cyber-espionage rap, HPE, IBM and their clients said to be among those hit