Weak measures led to NEM hack
An exchange for <1> virtual currencies, which have been extremely popular lately, has been the victim of <2> fraudulent access.
Coincheck, one of the larger exchanges, announced on Jan. 26 that the <3> equivalent of ¥58 billion worth of the virtual currency NEM had been stolen. The company, which is based in Shibuya Ward, Tokyo, appears to have used a <4> vulnerable system to manage the assets it held.
“In running the exchange, we were aware of the possibility [of fraudulent access]. We had a sense of urgency about implementing [safety measures],” Coincheck President Koichiro Wada said at a press conference that started late at night the same day.
Virtual currencies are managed on computers using what are called “wallets.” The exchanges that broker transactions on the internet are vulnerable to a risk of fraudulent external access, so most exchanges store their data in “cold wallets” that are not connected to the internet.
However, Coincheck did not use this method to manage its NEM, instead keeping the currency in “hot wallets” that were connected to external networks.
Almost all of the NEM the company was holding had been taken, but it was not <5> withdrawn all at once. Several <6> withdrawals were made.