Suspicious communications between the computers of Tokyo-based cryptocurrency exchange Coincheck and unidentified servers outside Japan began weeks before the January 26 theft of 58 billion yen ($542 million) of the cryptocurrency NEM, a new finding suggests, a person close to the police investigation said.
Coincheck said last week it would repay about ¥46 billion ($431.6 million) to investors who lost digital money in the hack, which was one of the biggest of digital money ever.
Thieves syphoned away 523 million units of the cryptocurrency from Coincheck - then valued at $547 million - during the January 26 hack, which exceeded the $480 million in bitcoin stolen in 2014 from another Japanese exchange, MtGox. Based on the compensation plan, users will see a combined payout of $420 million. In addition to the refund, the exchange has also resumed partial trading on its platforms thereby allowing the customers to withdraw their crypto holdings for Ethereum (ETH), Ethereum Classic (ETC), Ripple (XRP), Litecoin (LTC), Bitcoin Cash (BCH).
Japan's Financial Services Agency (FSA) has told seven cryptocurrency exchanges to improve internal controls, ordering two of them to cease business operations for a month. As reported by Japan's local publication Nikkei Asian Review, Coincheck earlier identified that the cause of the theft was a malware infecting the company's internal computer systems.
Subsequently, the report said, the hackers were able to gather private keys to large amounts of NEM weeks before the actual heist, during which time Coincheck had no proper tools to detect such communication between itself and external servers. With a second administrative penalty having been issued by the agency, Coincheck is also required to submit a written plan by March 22 for its plans for system improvements.