Russian Hackers May Have Masterminded the $530 Million Coincheck Theft

Last Updated March 4, 2021 2:36 PM
Harsh Chauhan

By CCN.com: Japanese crypto exchange Coincheck was dealt a significant blow in January 2018, losing $530 million worth of New Economy Movement (NEM) tokens to an unknown group of hackers. It is widely believed that North Korean hackers were behind the biggest crypto exchange theft ever.

But Japanese newspaper Asahi Shimbun reports that Russian hackers were the ones who orchestrated the attack.

Russian breadcrumbs in the Coincheck crypto exchange hack

The Japanese newspaper says that the examination of a Coincheck employee’s personal computer revealed malware associated with Russian hackers.

The hack was a result of the crypto exchange’s employees installing infected software on their computers. The hackers reportedly sent emails containing viruses such as Mokes and Netwire to the employees, who unwittingly installed the malware on their machines, which led to a massive financial loss.

These viruses let attackers take over the infected computers and operate them remotely, which gave them access to Coincheck’s private keys to execute the massive theft.

The Mokes virus first appeared on a Russian bulletin board in June 2011 and is reportedly popular among Russian hackers. Netwire has apparently been around for 12 years.

The attacks were earlier linked to state-sponsored hackers from North Korea, but apparently, that’s not the case anymore.

Russian hackers have been known to leave breadcrumbs of their misdeeds in the past, so it isn’t surprising to see them doing a shoddy job of covering their tracks once again when they hacked the crypto exchange last year.

Walk in the park

Coincheck was recently resurrected and it now operates with a cryptocurrency license, unlike last year when it was hacked. At that time, Coincheck was awaiting a license and apparently had poor checks and balances in place to prevent the huge theft that knocked it into the ground.

The crypto exchange was reportedly storing customers’ funds in a hot wallet that the hackers hit, and it didn’t implement multi-signature technology that would have prevented the mishap. Also, Coincheck’s developers were clueless at that time as to how the cryptocurrency exchange was hacked.

Coincheck’s failure to protect customers’ funds means that the hackers simply had to loot a fort with no defenses. If it was indeed the Russians, it would have been a walk in the park, as the country’s hackers gained notoriety when it was found out that they hacked the DNC server during the 2016 elections and financed the operation using bitcoin.

Are you safe?

Crypto exchanges including Coincheck have lost billions over the years.

In the first quarter of 2019, crypto exchanges lost $1.2 billion worth of digital assets to theft, fraud, and scams, according to cybersecurity firm CipherTrace.

In 2018, crypto exchanges lost $1.7 billion to bad actors. So if the current pace continues, 2019 might be a record year for crypto losses. Hackers are getting persistent and smarter, with BitMEX recently reporting an increase in the number of unauthorized login attempts.

In such a scenario, it is important for crypto users to ensure that they are holding their funds with as much security as possible. Using a hardware wallet and exchanges with stronger security protocols will help in this regard, or you might have to bid goodbye to your bitcoin that’s rising in value with each passing day.