Hackers Behind Zaif Crypto Exchange Theft May Have Been Exposed

Nov 5, 2018 at 14:35 UTC
Updated Nov 5, 2018 at 21:01 UTC
NEWS

Cybersecurity experts at Japan Digital Design, a subsidiary of Mitsubishi UFJ Financial Group (MUFG), say they’ve found possibly revealing information on the bad actors behind the $60 million hack of Japanese crypto exchange Zaif.

The company announced in a press release Monday, that it has been investigating the outflow of funds from Zaif since soon after the hack, in association with Takayuki Sugiura at information-security consultancy L Plus and security experts from a “capture the flag” cybersecurity team called TokyoWesterns.

Once some of the stolen funds, in the monacoin cryptocurrency, started being moved late last month, Japan Digital Design said it was able to identify the “source” of the attackers.

The team added that it has shared this information with the authorities, saying: “Since the Monacoin began moving from October 20, we estimated the source of 5 transactions in question and provided information to the authorities concerning the characteristics of the transaction originator.”

While there are few specific details provided and it is also unclear how accurate the data collected is, the release further states (via online translation):

“In the investigation of the leaked virtual currency, remittance route has been analyzed through static analysis of the block chain, but with this effort, by deploying the virtual currency node on a large scale after the outflow of the virtual currency, we verified whether we can obtain clues such as source IP address etc. We also got useful data to grasp the accuracy of the information and the cost of tracking.”

Zaif, a licensed crypto exchange in Japan, was hacked in September, losing cryptocurrency worth around $60 million at the time, including bitcoin, bitcoin cash and monacoin.

Last month, Japanese financial regulator, the Financial Services Authority (FSA), said it was seeking information from Tech Bureau, the operator of Zaif, including why there was a delay in reporting the hack.

Tech Bureau also revealed in October a plan to compensate users who lost funds in the attack – a move that saw it sign an agreement to transfer the Zaif exchange business to publicly listed investment firm Fisco.

Japan reportedly lost $540 million to crypto hacks in the first six months of 2018, according to the data from National Police Agency (NPA).

Tokyo image via Shutterstock