hand, this is something law
enforcement is well aware
how to deal with.”
Meiklejohn sees her work
as distilling cryptocrimes to
the type of crime familiar
to law enforcement. Armed
with leads from Elliptic and
others, good old-fashioned
policing will then do what it does best.
For the time being, however, the
cybercriminals are still a step ahead.
Although researchers can now watch thefts
of cryptocurrency on blockchain
networks happen in
close to real time, they can’t
connect them to the real
world fast enough to stop
even monumental capers.
The biggest cyber-heist
in history happened at 3
A.M. Japan time on a January morning this year.
Someone, or more likely
someones, made off with
more than half a billion dollars’ worth of a digital currency called NEM from the
exchange Coincheck. No
one at the exchange raised
alarms until lunchtime, and
the culprits got an eight-hour head start.
When news finally
reached NEM Foundation vice president Jeff
McDonald in Tulsa, Oklahoma, he went right to the
chain. The funds had been
taken from a software wallet connected to the internet—an insecure storage
locker that Coincheck says
it was only using because of
a fault elsewhere in its system. “It’s basically like leaving your ATM card out with
the PIN number written on
it,” says Alexandra Tinsman,
the NEM Foundation’s communications director. All of
the 523 million stolen coins
were funneled first through
a single account before being
split among several others.
To stop the thieves from cashing out
their loot into a fiat currency, the NEM
team rushed to flag the stolen coins and
put exchanges on alert. The day after the
hack, the NEM team had identified and
published the addresses of 11 accounts
where funds had ended up. Each was
labeled with a tag that read “coincheck_
because they didn’t know who owned the
accounts, the NEM team was unable to do
much more than attempt to block the exits.
A waiting game ensued. Unable at first
to cash the stolen coins out of the NEM
network, the thieves moved them around
it. These movements were all visible on the
public blockchain. The NEM team tracked
the coins to Canada and then watched as
some of them returned to Japan. But even
though NEM never took its eyes off the
marked notes, the thieves still got away.
In the end they were able to make it to an
unregulated exchange and cash out at least
half the stolen coins. In March, the NEM
team announced it was giving up the chase.
Stung by the massive theft, Coincheck
announced that it would no longer
deal in Zcash, Monero, or Dash, another
anonymous currency. It’s among the first
exchanges to cut off those coins.
Coincheck’s move is part of a larger
effort to bring law and order to this new
frontier of money. The US government is
toying with the idea of creating a blacklist
of cryptocurrency addresses that are associated
with criminal groups, such as terrorists,
drug traffickers, and sanction-busters.
One possibility is that it would become
illegal to deal with blacklisted addresses.
The NEM thieves have escaped, for
now. But future technology could snare
them yet. As the forensic techniques and
tools get better, previously overlooked evidence will come to light like DNA traces
at a years-old crime scene. Every time
the authorities shut down a Silk Road or
BTC-e, that sends a signal, says Jeffrey
Robinson: “They’ll get the rest of them,
one by one.”
Douglas Heaven is a freelance writer
based in London.
William Knottenbelt, a
researcher at Imperial
College London, says,
“I don’t think outlawing
anything is going to