One of the first things that you hear about when you start learning how to trade cryptocurrencies is that you should never leave your coins at an exchange platform, especially if you possess a large amount worth of valuable cryptocurrencies.
Apparently, some people didn’t learn the lesson. Because two weeks ago, a major Japan-based digital assets exchange called Coincheck got hacked and lost a staggering amount of around $530 million of a coin named NEM.
This hack was one of the biggest in the history of cryptocurrencies, with many experts saying that it was bigger than that of the infamous Mt Gox hack.
Why did it get hacked?
According to their representatives, this wasn’t an inside hack or a scam exit. On the other hand, numerous security experts say that the exchange didn’t hold their customer’s coins in a cold storage vault like what most exchanges do, instead, the majority of the stolen coins we’re held in an online hot wallet that is connected to outside network.
Holding coins in online wallets is vulnerable to scams and hacking attempts, most reliable crypto exchanges such as Coinbase or the Xapo exchange tend to hold their customers’ coins in an off-line storage vault with high-level security measures and insurance policies to protect customers funds.
Most notably, the Xapo wallet has an ultra-secured offline cryptocurrency vault that sits behind reinforced concrete walls deep within a decommissioned Swiss military container. Many security experts consider the Xapo cold storage technology to be the most secure in the cryptocurrency world.
Hence, keeping your coins in cold storage is much more secure than keeping them in vulnerable exchanges like Coincheck.
Where did the coins go?
Recently, the Coincheck hackers have been seen by police investigators trying to sell their $530m worth of stolen coins in dark web marketplaces.
The hackers are reportedly trying to exchange their NEM coins for Bitcoins. For the most part, it seems they’re trying to take advantage of the anonymity of the dark web to launder their coins without getting tracked by law enforcement authorities.
On the dark web, the hackers have been observed sending commercial messages to possible buyers promising them 15% off on NEM coin purchases.
As has been noted above, the anonymity of the dark web with the widespread usage of privacy-focused crypto-currencies such as Bitcoin and Monero makes it an attractive environment for these hackers to launder their possessed coins without worrying about getting tracked.
On the dark web, all kinds of illegal goods and services like drugs, weapons, and hacking tools are already being sold there anonymously every single day. This, unfortunately, will make it extremely difficult for authorities to trace and identify the Coincheck hackers.
How to protect yourself?
Considering this incident was far from being the first of it’s kind and that numerous exchanges have been hacked before, the hard lesson that can be learned from this is: never leave your coins on an exchange for longer than needed, especially if you’re planning on holding them for the long-term.
And finally, always make sure to use 2-factor authentication, multiple encrypted emails (ProtonMail), a VPN service to secure your financial data, and other security measures to keep your precious cryptocurrencies safe and secure from getting compromised by hackers.