Home / Archive / Japan’s Largest Bank Says it Found ‘Source’ of $60 Million Hack of Crypto Exchange Zaif

Japan’s Largest Bank Says it Found ‘Source’ of $60 Million Hack of Crypto Exchange Zaif

Last Updated March 4, 2021 3:07 PM
Josiah Wilmoth
Last Updated March 4, 2021 3:07 PM

Cybersecurity researchers working for a subsidiary of Japan’s largest bank believe that they have found the hackers who stole $60 million from Japanese crypto exchange Zaif in an attack earlier this year.

MUFG Investigates Zaif Hack

According to a press release  published on Monday, Japan Digital Design Co. (JDD) — a subsidiary of banking giant MUFG — partnered with local cybersecurity researchers to monitor the stolen funds as the attackers attempted to move them and, presumably, launder them into fiat currency.

As CCN.com reported, the Zaif hack occurred in September and saw the thieves abscond with about $40 million in customer funds, along with $20 million that belonged to the exchange. The funds were denominated in bitcoin (BTC), bitcoin cash (BCH), and monacoin (MONA).

The announcement was slim on details, but it stated that it was the latter cryptocurrency — the lesser-known monacoin, whose market cap is just $73 million — that enabled the researchers to accumulate data on the attackers. Apparently, JDD used an array of cloud-hosted MONA nodes to analyze transactions involving the stolen funds and identify clues regarding the identity of the attackers, such as the source IP address.

zaif hacker mufg crypto
Source: Japan Digital Design/MUFG

“Since the Monacoin began moving from October 20, we estimated the source of 5 transactions in question and provided information to the authorities concerning the characteristics of the transaction originator,” JDD said.

“In the investigation of the leaked virtual currency, remittance route has been analyzed through static analysis of the block chain, but with this effort, by deploying the virtual currency node on a large scale after the outflow of the virtual currency, We verified whether we can obtain clues such as source IP address etc. We also got useful data to grasp the accuracy of the information and the cost of tracking,” the release, which was roughly translated from Japanese, said.

Zaif Customers Await Compensation amid Sale of Crypto Exchange

Unlike Coincheck, the Japanese cryptocurrency exchange which lost a record $530 million in a January hack, Zaif was licensed by the country’s Financial Services Agency (FSA), giving the regulatory agency a black eye. Following the hack, the FSA slapped Zaif with a business improvement order and said that it regretted having allowed the exchange to continue operating even after it had received multiple warnings in the past.

Several weeks later, Tech Bureau — the owner of Zaif — announced that it would sell its entire stake in the exchange to Fisco Digital Asset Group, a publicly-listed Japanese company. The terms of the deal, which is scheduled to be completed on Nov. 22, state that Fisco will be responsible for compensating customers who lost funds in the theft.

Featured Image from Shutterstock