The world’s biggest cryptocurrency theft (for now) is already a fact. Coincheck, the leading Bitcoin and cryptocurrency exchange in Asia as advertised on their website, has lost $530 million worth of cryptos. The theft has already caused a lot of trouble in the cryptocurrency market, and the consequences are yet to be fully comprehended.
Coincheck Heist Highlights the Vulnerabilities in Trading Cryptocurrency
Nonetheless, the heist has served well to shed a light on the flaws in trading Bitcoin and altcoins, assets that are not regulated. The incident also affects Japan which is planning to implement financial technology to help economic growth. The FSA (Financial Services Agency) has already ordered improvements to operations at Coincheck.
As reported by the BBC, Coincheck froze deposits and withdrawals for all crypto-currencies except Bitcoin as it assessed its losses in NEM, a lesser-known currency. The exchange platform said it would return approximately 90 percent via internal funs but it is still to be announced how or when.
How did the hack happen? Apparently, the NEM coins were stored in a hot wallet instead of a cold one, which is considered to be more secure as it operators on offline platforms. Unfortunately, the exchange hadn’t employed a multi-signature system which serves as an extra layer of security, researchers say.
The hack has highlighted Japan’s plan to regulate cryptocurrency exchanges. In 2017 Japan became the first country to regulate such platforms at a national level. This move was widely accepted as a positive and necessary change for improving innovation. The decision also highlighted the different approaches embraced by countries for handling cryptocurrency exchanges. Japan’s approach is in high contrast with crackdowns in South Korea and China, Reuters said.
The FSA announced that it has to confirm whether Coincheck has sufficient funds for the indemnification. However, the FSA doesn’t have any rules in place to ban the use of hot wallets. In addition, the regulator hasn’t set any requirements or restrictions on the sums that can be kept in cold wallets.
In response to FSA’s order for improvements, Coincheck stated it is currently working on strengthening the customer protection and will promptly develop its risk management systems.
Interestingly, Japan started to require cryptocurrency exchange operators to register with the government only in April 2017, allowing pre-existing operators such as Coincheck to continue offering services ahead of formal registration, Reuters said.
Cryptocurrency Exchanges Endangered by Various Hacks, Measures Needed
The threats endangering cryptocurrency exchanges are various. There have been DDoS attacks like the several recent attacks against Bitfinex.
The first DdoS on this platform was registered on December 4th, and it continued a few days, until December 7th. However, the attacks were re-established on December 12th when the platform was under a raid for hours before it was stopped. As of right now, the company seems to be fully operational without any disruptions or abnormalities. You can check the status over here.
Of course, DDoS is not the only danger. There have been plenty of cases where cybercriminals have stolen cryptocurrencies held by the exchange platforms (as in this case involving Coincheck); or have successfully collected data on how they operate their KYC processes for anti-money laundering. As with other forms of cybercrime, malicious attackers are also trying to get inside the exchange organization, to grab information on the people who work there, so that they can conduct other crimes. What is currently happening on the cryptocurrency market is similar to what has been happening to the banking sector for years. Instead of banks, cybercriminals are now shifting their attention to cryptocurrency exchanges.