- Amount Lost: $534,000,000.00
- Funds Returned: $534,000,000.00
- Category: CeFi
- Date: 2018-1-26
Quick Summary
On Jan. 26, about 523 million NEM (XEM) tokens, valued at over $530 million at the time, were illicitly transferred from its hot wallet address, resulting in an anomalous drop in the Japanese exchange's balance.
**
Details of the Exploit**
The attack was made possible by the company's technological issues and staff scarcity, which resulted in inadequate security measures. The stolen NEM were held on an internet-connected hot wallet rather than an offline cold wallet.
Coincheck utilized its own funds to compensate all 260,000 impacted clients:
https://www.ft.com/content/6a761a60-2694-11e8-b27e-cc62a39d57a0
Block Data Reference
Attacker address:
https://explorer.nemtool.com/#/s_account?account=NC4C6PSUW5CLTDT5SXAGJDQJGZNESKFK5MCN77OG
Malicious transaction example:
Proof Links:
- https://www.reuters.com/article/us-japan-cryptocurrency-q-a/the-coincheck-hack-and-the-issue-with-crypto-assets-on-centralized-exchanges-idUSKBN1FI0K4
- https://fortune.com/2018/01/31/coincheck-hack-how/
- https://www.coindesk.com/markets/2018/01/26/coincheck-confirms-crypto-hack-loss-larger-than-mt-gox/