Coincheck Hack — January 2018 Post-Mortem (Aggregated)
Overview
On January 26, 2018, 58 billion yen ($530 million) worth of cryptocurrency NEM was stolen from the Coincheck Exchange in Japan. This was one of the world's largest cryptocurrency heists at the time, and the stolen NEM was subsequently sold and laundered.
Attack Method
A virus penetrated the system through an infected email message (phishing) opened by one of the exchange's employees. The hackers managed to steal the private keys for the wallet, successfully draining the funds into their own wallets.
Security Failures
• Coincheck kept customer assets in a hot wallet, connected to external networks.
• Coincheck lacked multi-signature security.
• Coincheck stated it lacked staff experienced in conducting internal checks and performing management and security risk assessments.
Compensation & Aftermath
• Coincheck initially stated it might not be able to compensate all affected users, but later stated it would repay all 260,000 affected users in Japanese yen using its own capital.
• Coincheck was subsequently acquired by Monex Inc., a Japanese financial services group, in April 2018.
Money Laundering Investigation
Three years later, the Metropolitan Police Department in Japan announced that more than 30 people had been charged for allegedly exchanging NEM cryptocurrency, accounting for one third of the stolen value, for other cryptocurrencies.