Zaif, a cryptocurrency exchange service, is the latest victim of an attack by suspected hackers. The Osaka-based platform has reportedly lost cryptocurrencies worth 6.7 billion yen ($60 million) to the attackers.
Details of the Attack
Tech Bureau Corp, owners of Zaif, announced the hack in a statement released on Thursday (September 20, 2018). According to Bloomberg, the cybercriminals siphoned 2.2 billion yen ($19.6 million) belonging to the platform with the remaining stolen funds belonging to Zaif’s customers.
Based on available reports, it appears the hack occurred on Friday (September 14, 2018) between 5 PM and 7 PM local time. However, the company only discovered the hack three days later. The suspected cybercriminals managed to steal Bitcoin, Bitcoin Cash and MonaCoin from the platform’s hot wallet.
The statement did not provide explicit details about the manner in which the attack occurred, saying:
We decline to comment on the details of how this illegal access occurred, as it is a crime and we’ve already asked the authorities to investigate.
As at press time, only the exact amount of Bitcoin stolen – 5,966 BTC ($37.8 million), is known. Reports indicate that the platform is still trying to ascertain the proportion of stolen Bitcoin Cash and MonaCoin in the remaining $22.2 million. In the aftermath of the attack, Zaif disabled all deposits and withdrawals.
FSA Reaction and the Next Step for Zaif
In response to the hack, Japan’s Financial Services Agency (FSA) instructed Tech Bureau to submit an incident report. Furthermore, the regulatory watchdog to carry out a physical inspection of the platform as has become its custom in the wake of any hack.
Earlier in the year, the FSA ordered Zaif to improve its operations or face severe penalties. The order came about due to a security bug that allowed some customers of the platform to purchase free bitcoin.
For Zaif, the road ahead involves securing a loan of 5 billion yen to facilitate payment to affected customers. The money is expected to come from the sale of company shares to Fisco Ltd.
A Litany of Japanese Cryptocurrency Exchange Platform Hacks
Zaif is the second Japanese cryptocurrency exchange platform to suffer a hack in 2018. At the start of the year, hackers stole more than $500 million in NEM tokens from Coincheck, another Japanese cryptocurrency exchange platform.
Just like with Zaif, the Coincheck heist occurred because funds were left in a poorly secured hot wallet. In Coincheck’s case, the hackers were able to hijack a the single-signature hot wallet that held the over half a billion dollars’ worth of NEM tokens.
Will this latest hack force the FSA into even more stringent regulatory measures? Let us know in the comments below!
Images courtesy of Bitcoinist archives, Shutterstock