How Do You Hide Stolen Cryptocurrency?

in cryptocurrency •  7 years ago 

Content adapted from this Zerohedge.com article : Source


by Tyler Durden

The anonymous nature of digital wallets continues to stymie investigators in last week's theft of 58 billion yen ($530 million) worth of NEM cryptocurrency from a Tokyo exchange, the biggest cryptocurrency heist in history.

Authorities know which user accounts were affected by the Jan. 26 hacking, and the accounts holding the pilfered funds can be immediately identified because the virtual coins are traceable. And, as the Nikkei writes, if the Coincheck exchange case were a regular bank robbery, identifying the bank accounts holding the stolen money would let law enforcement easily return the funds to victims.

But individuals who open a bank account must identify themselves, and no such requirement exists for opening a digital wallet. Anyone can obtain an anonymous digital wallet as easily as walking into a store and paying cash for an actual wallet.

That helps explain why Coincheck and the NEM Foundation, the international organization that manages and promotes the currency, are having trouble identifying the owners of the wallets and demanding the restoration of funds.

The foundation, which tags the NEM coins, could rewrite the blockchain virtual ledgers and forcibly return the stolen funds to Coincheck. But the NEM group has pledged never to rewrite blockchain records, so even those "transactions" resulting from a hack will remain valid.

The Tokyo Metropolitan Police Department had received communication logs maintained by Coincheck as of Thursday. The logs are being analyzed for any violation of Japanese anti-hacking laws, but the investigation is expected to encounter challenges similar to those in past cybercrime cases.

In 2015, servers belonging to the state-run Japan Pension Service sustained a cyberattack in which computer viruses were used to obtain names, identification numbers and other data belonging to some 1.25 million people. The next year, travel agency JTB suffered a data breach affecting 6.79 million customers. In both cases, the hackers may have infiltrated systems via offshore servers, but no suspects have been named to date.

When Mt. Gox went bankrupt in February 2014 after a massive amount of cryptocurrency went missing from its exchange, it took about a year and a half for authorities to arrest CEO Mark Karpeles, who was suspected of falsifying account data. Investigators went as far as crunching data in servers located in the U.S.

Meanwhile, on Saturday, the infamous Coincheck exchange said it was preparing to announce a timeframe when yen withdrawals can begin. All yen deposits registered to customer accounts are being stored in a customer-specific account in a major financial institution, the exchange said, adding that cryptocurrencies registered to customer accounts have been transferred out of hot wallets and are being stored in cold wallets, etc. And Google translated in its entirety:

As we are announcing at the release on January 30, 2018, we are currently undergoing verification and verification of technical safety etc. accompanying Japanese yen withdrawal, and we are preparing for resumption We are. Based on the confirmation / verification that we are doing with the cooperation of outside experts, we will inform you of the timing of resumption of Japanese yen withdrawal.

The Japanese yen held by the customer in the account is preserved in the customer exclusive account of the financial institution. Also, with respect to the virtual currency (BTC / ETH / ETC / LSK / FCT / XMR / REP / XRP / ZEC / LTC / DASH / BCH) which the customer has in the account, evacuate from the hot wallet, We keep it.

We are sorry for the inconvenience for a while, thank you for your consideration.

Meanwhile, someone is half a billion richer following the Coincheck theft, and nobody has any clue who it is.


Disclaimer : Account @zer0hedge is not affiliated with ZeroHedge.com.

I read ZeroHedge multiple times a day to find the best articles and reformat them for Steemit. I appreciate the upvotes but consider following the account and resteeming the articles that you think deserve attention instead. Thank you!

Head over to ZeroHedge.com for more complete news coverage of what affects the economy, geopolitics & cryptocurrencies.


WE REACHED OUT TO WWW.ZEROHEDGE.COM AND RECEIVED CONFIRMATION THAT THEY ARE NOT AWARE THAT THEIR CONTENT IS BEING USED ON STEEMIT AND THAT THEY DO NOT CONSENT FOR IT TO BE USED HERE FOR PROFIT.

Copying/Pasting full texts without adding anything original is frowned upon by the community.

These are some tips on how to share content and add value:

  • Using a few sentences from your source in “quotes.” Use HTML tags or markdown ">" before the quote.
  • Linking to your sources.
  • Include your own original thoughts and ideas on what you have shared.
  • It is recommended that the quotes should not cover more than 50% of the whole post. At least 50% of the content should be original.

Repeated copy/paste posts could be considered spam. Spam is discouraged by the community, and may result in action from the cheetah bot.

If you are actually the original author, please do reply to let us know!

Thank You!

More Info: Abuse Guide - 2017.

The wallet with the stolen coins is being monitored, and if any transactions are made out of the wallet, they will immediately appear on the blockchain (I'm assuming NEM uses a public blockchain, I'm not familiar with that coin in particular, but AFAIK it's not a privacy coin). Coincheck already notified all the other exchanges not to accept any transactions from the wallet with the stolen coins, so the thieves will not be able to use exchanges to turn the stolen NEM into other coins, or fiat dollars. Furthermore, if the thieves try to transfer the coins to another NEM wallet, that wallet will now be tracked. As coins are transferred into other wallets (either legitimately or illegitimately) a network of wallets will develop that can be analyzed by a social network analysis tool like Palantir.

This is not like stealing cash out of a bank. The thieves will be leaving footprints all over the blockchain, and the more footprints they leave, the easier (relatively speaking) it will be to associate wallet addresses with meatspace human identities. The only hope they have to beat the social network analysis tools is to get their NEM exchanged for privacy coins like Monero, but with the exchanges now on alert, and P2P exchanges virtually nonexistent, the thieves are going to have their work cut out for them. Thanks for sharing..
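The wallet tracking described in the comment above, as an added example that is not part of the original post or thread: a "poison" style taint trace over a public ledger, where any wallet that receives funds from a tracked wallet becomes tracked from that moment on. The transfer records, wallet names and the choice to raise an alert at an exchange deposit address instead of following funds into it are assumptions made for illustration.

```python
from collections import namedtuple

# One ledger entry as an investigator would read it from a public blockchain.
Transfer = namedtuple("Transfer", "time sender recipient amount")

def trace_taint(transfers, seed_wallets, exchange_wallets=()):
    """Follow funds forward from the seed (theft) wallets.

    Transfers are replayed in time order, so a wallet is only followed for
    what it sends *after* it first received tracked funds.
    Returns (tracked, edges, alerts):
      tracked: {wallet: (time it became tracked, hops from a seed wallet)}
      edges:   transfers sent by tracked wallets (the wallet network)
      alerts:  transfers from a tracked wallet into an exchange address
    """
    tracked = {w: (0, 0) for w in seed_wallets}
    edges, alerts = [], []
    for t in sorted(transfers, key=lambda t: t.time):
        if t.sender not in tracked:
            continue  # sender held no tracked funds at this point in time
        edges.append(t)
        if t.recipient in exchange_wallets:
            # Assumption: an exchange pools customer deposits, so flag the
            # deposit for the exchange to refuse rather than tracking
            # everyone the exchange later pays out.
            alerts.append(t)
            continue
        hops = tracked[t.sender][1] + 1
        tracked.setdefault(t.recipient, (t.time, hops))
    return tracked, edges, alerts

# Constructed sample ledger (not real NEM data).
SAMPLE = [
    Transfer(1, "THIEF", "A", 100),
    Transfer(1, "B", "C", 5),      # B pays C before B ever touches stolen funds
    Transfer(2, "A", "B", 40),
    Transfer(3, "B", "EXCH", 30),  # attempted cash-out at an exchange
    Transfer(4, "EXCH", "D", 10),  # unrelated exchange payout
    Transfer(5, "A", "E", 20),
]

if __name__ == "__main__":
    tracked, edges, alerts = trace_taint(SAMPLE, {"THIEF"}, {"EXCH"})
    for wallet, (when, hops) in sorted(tracked.items(), key=lambda kv: kv[1]):
        print(f"{wallet}: tracked since t={when}, {hops} hop(s) from theft wallet")
    for a in alerts:
        print(f"ALERT: {a.sender} -> {a.recipient} amount {a.amount} at t={a.time}")
```
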

Undoubtedly it's anything but difficult to catch up bank burglary casualties than digital money theft casualties.

To open a ledger, all nitty gritty data around one is required, something which is distinctive with wallets with which just the client can keep the data around oneself. Furthermore, now following the digital currency burglars is extremely hard, as one of the numerous suspects in the numerous thefts has been gotten with some proof to nail him, and that is CEO Mark Karpeles, who was associated with distorting account information.

It implies the Mt Gox burglars, Coincheck trade looters, all escaped with it. This was a major misfortune to the digital money organizations. What's more, if a framework to control the thieves isn't chipped away at, numerous should at present escape with it.

Indeed it's easy to follow up bank robbery victims than cryptocurrency robbery victims.
To open a bank account, all detailed information about one is required, something which is different with wallets with which only the user can keep the information about oneself. And now tracing the cryptocurrency robbers is really hard, as one of the many suspects in the many robberies has been caught with some evidence to nail him, and that is CEO Mark Karpeles, who was suspected of falsifying account data.
It means the Mt Gox robbers, Coincheck exchange robbers, all got away with it. This was a big loss to the cryptocurrency companies. And if a system to curb the robbers is not worked on, many shall still get away with it.

But the NEM group has pledged never to rewrite blockchain records, so even those "transactions" resulting from a hack will remain valid.

These hacks force interesting decisions to be made, like when Ethereum forked. Like would users want a fork here, or to have the records rewritten, or would they like for NEM to not control the blockchain? If they can rewrite it for a hack, someone could potentially rewrite it for some other reason without telling people.

It opens the door for things we may not want to see on the blockchain and removes one of the things that people support about the blockchain: a true record. It's interesting because no one wants to be hacked, that's why security is so important.

If the accounts holding the stolen coins are identifiable why do the relevant authorities seize them and hold them until such a time as they can be returned to the rightful owners? If it turns out the rightful owners are guilty of daddy dealings and can be proved beyond a doubt then they can donate them to a good cause.
The hackers might be half a billion dollars richer but it will do them no good as they cannot spend it, but upon saying that if they were clever enough to actually hack the system in the first place I have a feeling given a bit more time they will be able to code a system to turn that into untraceable crypto or cold hard cash so the authorities need to move fast before it is truly lost

Thanks for sharing this @zer0hedge. This is one of those cases where the question of full anonymous decentralisation becomes questionable. Personally, I feel like there is a happy medium where cryptocurrencies still run through decentralised nodes, but there are some back doors, just in case something like this happens. I know there is one already, but rewriting the blockchain would not make sense to me either.

I think some sort of KYC for all wallets would be good, as hard and flawed as it would be to do. Otherwise, hacks like this will keep happening every so often. Even though they could likely be avoided if people were simply more careful, people have a natural tendency to do whatever is easiest, not whatever is safest.

It's a question which I honestly can't answer well, but I think there needs to be a lot of thought put in to it. Thanks again!

I actually think we are trying to live in both worlds at the same time.

You have the centralization of the exchange which makes it vulnerable to hacks. Anyone breaking into the server(s) can access all the accounts since the keys are there. This is not the case when one is protecting his/her own wallet. Sure one can get hacked (for a large sum too) but nothing like this.

Couple that with the fact that people are trying to decentralize which means that wallets could be anonymous (they aren't since most often people enter with fiat meaning there is a KYC). But anonymous wallets with centralized exchanges does not work.

If everything was decentralized, then you have a system where personal responsibility comes in. At this time, a person can do everything right yet still watch the exchange get hacked.

Good point made @taskmaster4450! I didn't think of it that way.

I think OmiseGo could solve this issue with the DEX with a FIAT Gateway, if they get it done properly!

That would be wonderful if they did.

The on/off ramp is under the control of the governments since the exchanges have to answer to them. We saw that with Coinbase even though they did fight a good battle (and even won to a degree). Nevertheless, the government got some of what it was seeking.

DEX with a FIAT gateway would solve a lot of problems...for individuals.

Of course, it would be a nightmare for the governments since it would be a tax haven for...well everyone.

Perhaps starving the beast isn't such a bad thing.

Yeah it would be. And agreed, it would be a tax nightmare! OMG are pretty compliant though. I imagine they are taking so long because they are trying to solve such issues.

This individual(s) is still only half way to Satoshi.

Centralized exchanges are a threat. For convenience (and perhaps out of ignorance) many find them helpful. Of course, when using fiat, it is the only way to get involved, at least at this time.

The hacks just keep mounting. Over time, we are going to see more publicity related to security. What is wonderful about blockchain is they offer security since the data held is decentralized. I think we learned over the past 30 years that nothing centralized can truly protect data. Hacks take place all the time, with only the large ones getting the headlines.

What still makes me curious is the exchange said it will refund the money....who has $500M laying around?

How are they going to do this?

@Zer0hedge..bro How many minutes did it take to notify the exchanges?
The coins had already been traded by then.
Once it becomes fiat, it is easy to hide.

I often wonder how many dark crypto pools there are.
Stolen art is easily traded amongst immoral collectors and kept in private museums.
CIA could use them to buy weapons on the black market.
Stolen coins could easily be used as collateral for loans since they would not be checked.
There are lots of ways around this problem for the thieves. Most exchanges require you to verify to make trades and the more verification you do entitles you to more money you can transfer deposit/withdraw so if all the sudden 400 million dollars worth of XEM shows up in your account some red flags are going to go up. Once the XEM is in there and you convert it to BTC -> XMR (Monero) and withdraw, your verification (how much ID info you've given them for tax purposes) means you can only withdraw $10K worth of XMR (per day/week). If you kept it as BTC and you send it over to say GDAX to turn into fiat, you have to verify with them as well. So now your $10K turns to fiat and gets deposited into your bank which of course gets flagged by IRS... Thank you for sharing with us..

Cold storage solves this problem by signing a transaction with a private key in the offline environment. Online initiated actions are temporarily transferred to the offline wallet held on the device, such as USB, CD, Hard Disk, paper, or an offline computer. It is digitally signed before it is transferred to the online network. Since the private key does not connect to a server during signing, the hacker trying to infiltrate from the internet can not access the private key used even if he does anything.

So this system is exactly for thieves. They keep the money they stole like this. Or those who have done this work have already prepared their plans. We Turks have a word; The minareyi prepares the cover. Of course when English is translated, it loses its meaning. In short, the thief prepares to escape before they steal. @zer0hedge

Identifying every user in platforms like Coincheck would be a start to avoid these situations, a robbery is always done by experts who really know what they are doing and will never get caught (or think they know and are immediately caught).

Even if it takes longer to create an account on these platforms, they really should consider taking their time to see who they are accepting into their site and use their services, that way they would protect their users and increase trust on the platform which would bring more and more new users (benefiting all the crypto world).

When Mt. Gox went bankrupt in February 2014 after a massive amount of cryptocurrency went missing from its exchange, it took about a year and a half for authorities to arrest CEO Mark Karpeles, who was suspected of falsifying account data. Investigators went as far as crunching data in servers located in the U.S.

Mt. Gox was an interesting case. The thieves on Mt. Gox simply moved money to other accounts on the exchange, it was only later that it left the exchange after that had been going on for months.

The thieves must somehow know what they are doing, it's half a billion, it's a lot!!
I'm sure they have some kind of plan that isn't known, or maybe they only did it to prove that it's possible.
Hopefully we will find out in the near future.

Have there been any instances of stolen steem? What would be advised to help prevent such possibilities.

"Meanwhile, someone is half a billion richer following the Coincheck theft, and nobody has any clue who it is." This statement, alone, is an appropriate headline.

Ouch. This is the best reason to not store funds on an exchange.

thanks for the information....
really good post....
thank you.

Subscribe to my blog to learn something new every day!!!

😭😭🖓


Interesting, you just flagged me, and I have no idea why or what I did that was worthy of negative action, so now I'm curious as to your other activities on Steemit.

So are you @transisto (which I previously supported and admire for protecting our blockchain), or @newsflash? Which account should I be addressing?

Thank you for any clarification. Just wondering as a small Steemian compared to your massive whale/orca accounts that you control.

On further research, this is obviously @transisto account, once a 700,000+ Steem now broken into 2 Big Main Account and 1 Automated Earning account.

Ok, can you please explain how welcoming Andreas and showing a united front for Steemit is worthy of a flag from you, isn't everyone Steem/SBD/funds what they chose to with as they see fit to upvote.

What have I written that goes against your principles, is it spam, does it offend you, do you vehemently disagree with my thoughts?

In all the past materials I have read from you @transisto, you have always been a reasonable Steemian, what gives? I just don't get it, I don't even post my opinion, but I support good causes with my replies and upvotes, I support other Steemians, I hardly touch the reward pool, I could be focusing on earning more, but I don't, why must you single me out and flag me on hundreds of comments out there on Andreas 1st post?

Please explain, and justify as much as you want for measly $7 flag when you control hundreds in an upvote, please just explain to this young Steemian why you did what you did? Is this what you consider fair to yourself?

Ironically, I just realized I upvoted what you wrote to Andreas and I support your message. Is this how you treat and reciprocate to other supportive Steemians?

why will someone hide ... crypto .. i mean for what

I agree with NEM not rewriting the blockchain to correct these hacks. Yes it sucks the big one but the integrity/immutability of the blockchain is going to be the key to its success and these attempts to go back in time to change things will provide short term help at the expense of the long term for NEM.
I would reduce holdings in a crypto that did this.
I do hope the hackers get caught and the people get the money back though.

bitcoin: last 3 months in 46 sec, must watch

thank you for a post, to me very may need your information, to hide the cryptocurrency, thank you to you large for such valuable information

It is wonderful. I follow you long sorrow. You are a good person. Have the best Sunday!