Zaif cryptocurrency exchange loses $60 million in recent hack

The Osaka-based cryptocurrency exchange discovered hack two days ago, and is working to secure funds to reimburse affected users.
Written by Catalin Cimpanu, Contributor

Japanese cryptocurrency exchange Zaif announced today that it lost $60 million worth of company and user funds during a security incident that took place last week.

The company said it discovered the hack on Monday, September 17, and confirmed it a day later, when it reached out to authorities and reported the incident.

The Zaif team suspended user deposits and withdrawals earlier today, while its staff is making sure the hacker(s) is out of their network for good.

TechRepublic: The 5 biggest blockchain myths, debunked

Investigators are still gathering details, but Zaif said the hack took place on September 14, between 17:00 and 19:00 local time, when the attacker siphoned off three types of cryptocurrencies from the company's "hot wallets."

A "hot wallet" is a term used to describe a cryptocurrency addresses with light security measures where a cryptocurrency exchange keeps funds for immediate transactions, such as cryptocurrency-to-cryptocurrency or cryptocurrency-to-fiat (and vice versa) operations. The opposite of a hot wallet is a cold wallet, where an attacker needs to pass through multiple authentication systems to get access to funds.

Zaif says the hacker stole Bitcoin, Bitcoin Cash, and MonaCoin from its hot wallet, all three worth 6.7 billion Japanese yen (roughly $59.67 million) when combined.

CNET: Hackers hit South Korean cryptocurrency exchange for $31.5M

Of the $60 million, $37.8 million were Bitcoin funds(5,966 BTC). Zaif is still investigating the hacked server to determine the exact amount of stolen Bitcoin Cash and MonaCoin.

Of the 6.7 billion stolen yen, 2.2 billion yen --32 percent-- were Zaif funds, while 4.5 billion yen were customer funds.

Zaif plans to secure a 5 billion yen loan to pay back affected customers but has not revealed any other details. Earlier this year, Japan's financial regulator intervened and forced Coincheck to pay back customers after a $530 million 2017 hack.

Zaif is a cryptocurrency exchange established in 2014, based in Osaka, Japan.

h/t Autumn Good

Related coverage:

These are 2018's biggest hacks, leaks, and data breaches

Previous and related coverage:

What is malware? Everything you need to know

Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.

Security 101: Here's how to keep your data private, step by step

This simple advice will help to protect you against hackers and government surveillance.

VPN services 2018: The ultimate guide to protecting your data on the internet

Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.

Five computer security questions you must be able to answer right now

If you can't answer these basic questions, your security could be at risk.

Critical infrastructure will have to operate if there's malware on it or not

Retired US Air Force cyber-security expert shares his thoughts on the future of critical infrastructure security.

Ordinary Wi-Fi devices can be used to detect suspicious luggage, bombs, weapons

Researchers turn ordinary WiFi devices in rudimentary scanners that can identify potentially dangerous objects hidden inside bags or luggage.

Related stories:

Editorial standards