As of today, Tokyo-based Coincheck has begun distributing reparations to users impacted by the infamous late January theft of some $530 million in NEM. With an announcement on its website today, Coincheck has begun reimbursing funds – in JPY – to the account balances of…
As of today, Tokyo-based Coincheck has begun distributing reparations to users impacted by the infamous late January theft of some $530 million in NEM.
With an announcement on its website today, Coincheck has begun reimbursing funds – in JPY – to the account balances of users who held NEM at the time of the theft on January 26th. The refund value will be at a fixed rate of 88.549 Japanese yen, approx. $0.83 per NEM token stolen at the time. That’s over twice the current trading value of NEM’s XEM token, at just under $0.40 at press time.
The theft of over 500 million NEM from the exchange’s hot wallet, now seen as the largest cryptocurrency hack of all time, was confirmed by Coincheck executives during a dramatic press conference on the evening of January 26th in Tokyo.
In the immediate aftermath of the attack, Coincheck promised to reimburse customers affected by the theft. The claim was repeated during a press conference last week wherein the company’s chief executive and operations chief outlined the compensation plan on a day when the exchange was slapped by a ‘business improvement order’ by Japan’s financial regulator.
While Coincheck executives hinted at a possible malware-related compromise leading to the theft, a report by the Nikkei today revealed further details about the intrusion that began with phishing emails directed at Coincheck employees.
Citing a source close to the Tokyo Metropolitan Police Department’s ongoing investigation – over 100 police officers are reportedly deployed to look into the ase – English-language emails purporting to be an internal message deployed malware when clicked, enabling an external attacker to gain access to the computer(s). Coincheck’s computers then began transmitting data to external servers in the US and Europe for weeks leading up to midnight January 25. At this point, the intruder gained access to Coincheck’s server housing the private key for its NEM hot wallet before siphoning over 500 million tokens.
Coincheck, which is now mandated to submit a written business improvement plan to Japan’s Financial Services Agency by March 22, is also resuming withdrawals and trading of cryptocurrencies including ETH, ETC, XRP, LTC and BCH.
Featured image from Shutterstock.
Last modified: January 24, 2020 11:13 PM UTC