NEM is tracking stolen coins from Coincheck

Japanese exchange Coincheck said it will compensate affected users by repaying them in Japanese yen.

Following the theft of more than US$400 million in NEM tokens, stolen from Japanese cryptocurrency exchange Coincheck, the NEM Foundation revealed that it has “tagged” all of the compromised coins and is currently tracking their movements on the blockchain.

Late last week, 523 million NEM tokens (XEM) were illegally removed from Coincheck’s exchange, affecting around 260,000 users. Coincheck is one of Japan’s most popular exchanges, along with Tokyo-based BitFlyer.

Over the weekend, NEM vice president Jeff McDonald confirmed that “all the accounts with the stolen funds have been tagged” during a YouTube interview with NEM global communications director Alex Tinsman.

“We’re basically, actively watching and trying to see what’s going on with these funds and how they’re being moved and thinking about how we’re going to work with exchanges to make sure that everything is going to be okay for our community,” he said.

McDonald explained that even though the transaction was illicit, it’s permanently recorded on the blockchain.

“There’s no way to go back and change the history of the blockchain without a hard fork. And, for us, a hard fork is not an option. The NEM protocol worked exactly as it was designed to work,” McDonald said.

Forks are what happen when a cryptocurrency’s software is changed or upgraded. Because a blockchain is decentralized, running across thousands of different users’ computers at a time, making changes is difficult.

Understanding the difference between a hard fork and soft fork

“At this point, there’s simply no way for the hacker to sell 500 million dollars worth of XEM. The market doesn’t have to be afraid of that,” McDonald said. “I’ve been really happy that the biggest exchanges, with the most liquidity, that we have reached out to have been very responsive… and open to suggestions.”

In a separate interview with Forbes, McDonald revealed that the company has “other strategies” in place that involve an automated system that will follow the coins and tag any digital accounts that receive the coins.

Coincheck confirmed that the virtual funds that were stolen were stored in an internet-accessible “hot wallet”, rather than a potentially more secure “cold” wallet, making it easier for the hacker to thieve the coins.

The Japanese exchange released a statement vowing to pay reparations to affected users. The compensation will be paid in Japanese yen, directly to users’ Coincheck wallets. Using Zaif exchange rates, those affected will receive 88.549 JPY per XEM token. The principal used for reparations will be derived from company funds.

In a recent blog update, Coincheck reported that several payment and withdrawal features remain temporarily unavailable and that the time frame for full resumption of services is “unclear”. However, users can still login and access their exchange dashboards.

The Coincheck hack exceeds the value of the US$390 million theft that caused the collapse of leading Japanese bitcoin exchange Mt. Gox in February 2014. Since then Japan has tightened its crypto regulations.

From April 2017, crypto exchanges must register with the Financial Services Agency and manage user accounts separately from the exchange operator’s own funds. Coincheck applied to register but remains under review.

This week, the FSA issued Coincheck with an order to improve business operations. As part of the order, Coincheck must provide a written reports detailing the facts of their investigation into the hack, reveal how they are supporting customers, what they are doing to strengthen current measures to manage system risks and list new measures to prevent similar incidents occurring in the future. The report is due February 13, 2018.

Any customers affected by the breach can check the latest updates on Coincheck’s blog.

Japanese exchange bitFlyer was recently issued a Payment Institution (PI) license to operate in the European Union. The exchange is the only approved platform allowing trade with bitcoin’s largest trading market, Japan.

Picture: Shutterstock