Japanese cryptocurrency exchange Zaif announced today that it lost $60 million worth of company and user funds during a security incident that took place last week.
The company said it discovered the hack on Monday, September 17, and confirmed it a day later, when it reached out to authorities and reported the incident.
The Zaif team suspended user deposits and withdrawals earlier today, while its staff is making sure the hacker(s) is out of their network for good.
TechRepublic: The 5 biggest blockchain myths, debunked
Investigators are still gathering details, but Zaif said the hack took place on September 14, between 17:00 and 19:00 local time, when the attacker siphoned off three types of cryptocurrencies from the company's "hot wallets."
A "hot wallet" is a term used to describe a cryptocurrency addresses with light security measures where a cryptocurrency exchange keeps funds for immediate transactions, such as cryptocurrency-to-cryptocurrency or cryptocurrency-to-fiat (and vice versa) operations. The opposite of a hot wallet is a cold wallet, where an attacker needs to pass through multiple authentication systems to get access to funds.
Zaif says the hacker stole Bitcoin, Bitcoin Cash, and MonaCoin from its hot wallet, all three worth 6.7 billion Japanese yen (roughly $59.67 million) when combined.
Of the $60 million, $37.8 million were Bitcoin funds(5,966 BTC). Zaif is still investigating the hacked server to determine the exact amount of stolen Bitcoin Cash and MonaCoin.
Of the 6.7 billion stolen yen, 2.2 billion yen --32 percent-- were Zaif funds, while 4.5 billion yen were customer funds.
Zaif plans to secure a 5 billion yen loan to pay back affected customers but has not revealed any other details. Earlier this year, Japan's financial regulator intervened and forced Coincheck to pay back customers after a $530 million 2017 hack.
Zaif is a cryptocurrency exchange established in 2014, based in Osaka, Japan.
h/t Autumn Good
- Bug in Bitcoin code also opens smaller cryptocurrencies to attacks
- US loses extradition battle with Russia for Bitcoin kingpin
- Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later
Previous and related coverage:
Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.
This simple advice will help to protect you against hackers and government surveillance.
Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.
If you can't answer these basic questions, your security could be at risk.
Retired US Air Force cyber-security expert shares his thoughts on the future of critical infrastructure security.
Researchers turn ordinary WiFi devices in rudimentary scanners that can identify potentially dangerous objects hidden inside bags or luggage.