ArrowArtboardCreated with Sketch.Title ChevronCrossEye IconIcon FacebookIcon LinkedinShapeCreated with Sketch.Icon Mail ContactPath LayerIcon MailMenu BurgerPositive ArrowIcon PrintIcon SearchSite TitleTitle ChevronIcon Twitter
A darknet site where NEM can reportedly be bought for bitcoin or Litecoin.   © Reuters

Coincheck loot being turned into bitcoin

Tens of thousands of dollars in stolen NEM now exchangeable for cash

TOKYO -- Of the 58 billion yen ($530 million) in cryptocurrency stolen from marketplace operator Coincheck, at least several million yen has likely been converted into bitcoin and other virtual currencies on the hidden darknet, according to sources close to the investigation.

Earlier this week, an English-language site appeared on the darknet -- a part of the internet accessible only with technology that obfuscates the user's IP address -- offering large amounts of NEM in exchange for bitcoin and other cryptocurrencies. Shortly afterward, transfers to third parties picked up from the digital wallets where the NEM stolen from Coincheck was held, indicating trades were being made.

Groups including the Foundation managing the currency have tagged the stolen NEM to make it easier to track. In converting the funds into a currency that is less traceable, those behind the hack could be preparing to exchange their holdings for cash.

The security breach that nearly cleaned out the Tokyo-based company's NEM coffers occurred on Jan. 26. 

By Thursday evening, several million yen, or tens of thousands of dollars, worth of NEM had been transferred from one of the perpetrators' wallets to several other addresses, according to a senior official at a major information security firm. The amount of NEM shown as available on the darknet site has fallen by the same amount.

It has been confirmed that sending virtual currency as directed on the site yields NEM in return. "It's possible that multiple people" have agreed to such exchanges, the official said.

Police in Tokyo are aware of the site, and are monitoring trades made through it. Those who have knowingly purchased the stolen NEM can be charged with a crime, a senior official working on the investigation said.

Investigators have also discovered illicit connections to Coincheck's systems from servers in the U.S. and a number of European countries in the days leading up to the hack. These are suspected to be attempts at stealing security keys needed to access the company's NEM.

The police here are cooperating with investigative authorities abroad to work out the source of the hack. But illicit connections are often routed through servers in several countries to obscure their origins, and peeling back those layers of secrecy will not be easy.

You have {{numberReadArticles}} FREE ARTICLE{{numberReadArticles-plural}} left this month

Subscribe to get unlimited access to all articles.

Get unlimited access
NAR site on phone, device, tablet

{{sentenceStarter}} {{numberReadArticles}} free article{{numberReadArticles-plural}} this month

Stay ahead with our exclusives on Asia; the most dynamic market in the world.

Benefit from in-depth journalism from trusted experts within Asia itself.

Try 3 months for $9

Offer ends September 30th

Your trial period has expired

You need a subscription to...

See all offers and subscribe

Your full access to the Nikkei Asian Review has expired

You need a subscription to:

See all offers
NAR on print phone, device, and tablet media