Japan: Cybersecurity Experts Claim to Have Made Progress in Tracking Zaif Exchange Hackers

Published at: Nov. 5, 2018

Cybersecurity experts say they have found potentially incriminating evidence against the hackers of Japanese crypto exchange Zaif, according to an official statement today, Nov. 5. The experts are from Japan Digital Design Co. (JDD), a subsidiary of bank holding giant Mitsubishi UFJ Financial Group (MUFG).

As previously reported, a security breach on the Zaif exchange in mid-September allowed hackers to steal 6.7 billion yen (about $59 million at press time) worth of crypto assets belonging to both users and the exchange itself. Specifically, the compromised funds consisted of 5,966 bitcoins (BTC), in addition to Bitcoin Cash (BCH) and MonaCoin (MONA).

Today’s statement outlines that since the stolen MonaCoin began to be moved from Zaif on Oct. 20, JDD has succeeded in identifying the source of 5 of the transactions in question and has provided information to the authorities concerning the characteristics of the transactions’ originator.

In order to track the stolen currency, JDD conducted a hackathon in late September together with local cybersecurity team TokyoWestern and security firm EL Plus, drawing upon infrastructure from multiple cloud services. The post states that:

“In the investigation of the stolen virtual currency, the remittance route was analyzed through a static analysis of the blockchain [...] by deploying the virtual currency node at a large scale […] we verified whether we can obtain clues such as source IP address etc.”

At the end of September, the operator of Zaif, Tech Bureau, received its third business improvement order from Japan’s Financial Services Agency (FSA). The FSA indicated that it considered Tech Bureau’s investigation into the causes of the recent hack, as well as its response to customers, to be inadequate.

The financial regulator also stipulated that if the operator failed to comply with the order, the agency would potentially resort to more severe measures, such as a business suspension order and/or cancellation of the exchange’s registration.
