On 26 January, Japan’s most popular cryptocurrency exchange, Coincheck, was hit by a massive hacking attack, which saw 532 million worth of NEM sink into the nether of the Internet, and off to unknown hands.
This has not been the first time when the security of the putatively uncrackable cryptocurrencies has been pried open. South Korea’s Coinlink has also been the victim of breaches in recent time.
In both Coincheck and Coinlink’s cases, it was a human error. Coincheck was infiltrated after the culprits had managed to steal a private key and break into the network, Coincheck representatives said during a press conference on Friday.
The shocking proportions of the theft are definitely something to be concerned about, but criminals have long been flirting with mainstream cryptocurrencies, although this may be about to change.
What did we learn about the breach?
In Coinlink’s own account, the attack stemmed from an unsecured wallet whose private key had been stolen, however no other cryptocurrencies were affected. As to the amounts of stolen NEM, they were all ownership of Coinlink’s customers.
During a press conference, the company reported that it had detected that coins are being syphoned off, and promptly moved to halt all operations. On top of that, the occurrence has been reported to the Japanese Financial Service Agency, making things painfully formal.
But the events, described such as they were, raise a lot of questions. Why has NEM been syphoned off and how is it possible that a single wallet could almost bleed a whole network dry?
The answer came from Coinlink themselves – NEM had never been stored on a multisig wallet. Users and observers were immediately concerned about mainstream assets such as Bitcoin and Ethereum, but according to Coinlink these and all other crypto currencies were stored off the gird. But what has transpired puts this claim to the test.
What is next for Coinlink?
If you are among the affected users, things are a toss-up right now. Officially, Coinlink will seek to reimburse affected customers, whose number is unknown. But rather than committing, the cryptocurrency exchange operator said that it was what it “wanted.”
On top of that, Coinlink is hot on the trail of hackers and could possibly manage to trace them down to where the NEM currency is stored.
With some luck, Coinlink could managed to unearth the identities of the wrong-doers, albeit this is not immediately plausible. Meanwhile, Coinlink will certainly continue to operate, at least “in principle,” meaning government watchdogs have not yet played their hand.
Why is the NEM theft bad?
It is a particularly fraught period for cryptocurrencies. With the latest development, you will notice that a lot of what could have been done to protect cryptocurrencies has not.
Let us put this in perspective. Coins and tokens are soaring in value. Just think about Dogecoin which is now worth $ 2 billion and it is probably the most expensive joke in history.
In any event, cryptocurrencies have long boasted that they can go it alone and that their expertise is sufficient to safeguard clients. But with breaches in private operators making headlines every day, this claim is put to the test.
How will mainstream institutions react?
Moving forward, NEM will have a tough future. Restoration of its credibility is unlikely. Governments and central banks are likely to put the crack on both it and Coinlink as they are not particularly predisposed to individuals or organizations who inadvertently or otherwise support criminals.
Interestingly enough, Bitcoin has not been the victim of a major theft. However, the reason behind this is not only the play-by-the-book approach Bitcoin exchanges have been employing. It stems rather from the fact that criminals have a stake in seeing a bitcoin market thrive.
But even keeping a low-profile has proven inefficient. Studies have shown that almost every second transaction (49%) in Bitcoin, is carried out by a criminal or a criminal organization. This is disconcerting news.
Should cryptocurrencies and governments work closer?
Yes is the short and long of it. Governments have a personal stake from barring criminal organizations from using make-believe currencies and circumnavigate sanctions and investigation, which is paid with fiat currencies, usually out of the public budget.
If private operators such as Coinlink and Coincheck should be opened to audits from central banks when it is deemed appropriate. Trying to stave off mainstream regulation, has blinded cryptocurrency exchanges of the very real danger of hackers.
And if we keep creating one imaginary currency which may crash and burn after a while, after successfully managing to fund illegal activities, then we are in fact not so much guaranteeing our privacy as we are funding all sorts of things we have been trying to eradicate.
Cryptocurrency operators should know better.