Cryptojacking Campaign Uses Five-Year-Old Vulnerability to Rake in Monero
The hacker(s) behind the $550 million theft of 500 million NEM tokens from Japanese cryptocurrency exchange Coincheck are reportedly close to cashing out their ill-gotten gains completely. An analysis of online transaction records related to the stolen NEM by a Tokyo cybersecurity firm shows nearly all of the funds laundered through dark web channels, according to a Nikkei report.
As of Thursday evening last week, a dark web portal selling the stolen NEM funds was showing zero balance, Tokyo-based security firm L Plus confirmed. This particular dark web website was initially set up on February 7 by an operator offering to exchange the stolen NEM into other cryptocurrencies. In the immediate aftermath of the January 26th heist, some of the stolen NEM was transferred to a third-party digital wallet unrelated to the heist, the cybersecurity firm revealed in its analysis.
As reported previously in mid-March, hackers had already laundered 40% of the 500 million tokens despite the tokens being tagged by the Singapore-based NEM Foundation at the time. “The decentralised NEM protocol’s flexibility allows transactions to be traced in real-time, which aids exchanges to identify wallets attached to malicious activity,” the non-profit foundation said in February. “This helps make stolen XEM tokens effectively unusable, because they cannot be deposited without being flagged by NEM.”
For reasons unknown, that automated tagging system was disabled last week by the NEM Foundation. The move, according to the Tokyo-based cybersecurity firm, has effectively fast-tracked the laundering swap into other coins in multiple wallets. This comes despite the Tokyo Metropolitan Police Department reportedly assigning over 100 police officers to look into the theft.
As things stand, the money launderers are expected to cash out their coins, already swapped from NEM to other cryptocurrencies like bitcoin, in overseas exchanges that do not adhere to stringent know-your-customer (KYC) or ID norms.
The stolen NEM now exists in other swapped coins spread across a number of virtual wallets, including multiple addresses that each contain several hundred million yen’s worth of bitcoins exchanged from the stolen NEM, the report revealed, citing a source close to the investigation. Meanwhile, Tokyo-based Coincheck has kept its promise to refund NEM holders impacted by the breach by beginning to distribute reparations in Japanese Yen on March 12.