The Zaif Hack Story Isn’t Over Yet: Further Investigations Lead to More Questions
The hack of Japan-licensed cryptocurrency exchange Zaif took the crypto community by surprise last week. It’s recently emerged that the perpetrators of the crime are trading the stolen wealth on Binance and other exchanges.
Japan’s Financial Watchdog Slams Three Business Improvement Orders
The event couldn’t pass unnoticed, especially because the exchange had reportedly warned about its vulnerabilities in advance following the Japanese financial authorities’ (the FSA) verifications.
The failure to address the respective issues resulted in a total of $60 million worth of crypto — $40 million of which belonged to their customers — being leaked. According to Reuters, the FSA subsequently issued a business improvement order and pressured the company to explain the details of the hack, as well as the reason why they only reported the hack several days later.
An unnamed official of the Financial Services Agency stated:
We have not received enough explanation on what exactly happened. What they told us is an employee’s PC was hacked […]
BlockTrace Concludes: At Least Part of The Amount Is Now On Binance
A few days following the hack, blockchain investigations company BlockTrace released additional details about the hack on Twitter. The BlockTrace team seems to have found what happened with the $60 million withdrawn from Zaif:
@zaifdotjp got hacked for $38,784,136. Here is where the hacker sent the coins:
— BlockTrace.com (@blocktracecom) September 21, 2018
In addition to Binance, the team also called on Huobi to investigate certain accounts presumed to be linked to the hack. The two exchanges have not answered to the call yet, although certain members of the community believe that they owe an explanation.
Regarding Binance accounts in particular, BlockTrace revealed that the hacker(s) was able to create hundreds of accounts and deposit 2 $BTC in each of them — therefore the concerns related to Binance’s anti-money-laundering regulations are not unfounded.
A New Crypto Guardian Angel?
BlockTrace’s contribution to the investigations about the Zaif hack could prove monumental should the two exchanges be open for collaboration. Whether cryptocurrency wallets, transactions, and accounts can be traced is still an unsettled issue — but some states have certainly done this before in order to track down criminals.
In addition, Blocktrace also claims to be able to help the victims to recover their loss. These are just the first few steps the company made to combat the crime that resulted in thefts worth no less than $1.6 billion.
Regarding the hack in question, the CEO of BlockTrace Shaun MaGruder revealed that the verification required by exchanges to create a trading account may actually be too lenient. MaGruder told Bitcoin Magazine, “Even though you have to upload your ID when verifying account, they are not making sure it is actually you […]”
What do you think the next steps should be in order to find the source of the hack? Let us know in the comments below!
Images and media courtesy of Bitcoinist archives, Shutterstock, Twitter/ @blocktracecom.