Hackers Behind the $550M Theft of NEM Tokens Reportedly Close to Cashing Out

Published on:
Smartphone with green NEM symbol
The Coincheck hack earlier this year culminated in the loss of approximately 523 million NEM with an estimated market value of $550 million.

In January, Coincheck was on the receiving end of an overwhelming hack which culminated in the loss of approximately 523 million NEM tokens with an estimated market value of $550 million.

Coincheck is a digital wallet and exchange service operating between Bitcoin and fiat currencies in Japan, as well as Bitcoin transactions and storage in other countries worldwide.

A Tokyo-based cybersecurity firm produced an analysis on the footprints of transactions carried out in connection to the stolen NEM. The report established that nearly all of the stolen tokens had been laundered. The disguise of the ill-gotten funds had been done mainly through channels on the dark web.

According to the cybersecurity firm, a website had been set up on the dark web by a facilitator offering to trade the NEM, believed to have been stolen, and converted into cryptocurrencies other than NEM immediately after the theft.

The said portal selling the NEM was showing absolutely zero balances.

NEM as Digital Currency

NEM is digital currency protected by encryption. It is based on the peer-to-peer technology that amasses, dispenses and confirms transactions carried out within a given period of time. This is done in blocks which are then conjoined into what you would consider as chains.

Your TOR usage is being watched

The blockchain platform has multiple uses for example registration of contracts like financial and legal ones.

The developers of NEM are fictitious. Inspired by NXT, a BitcoinTalk forum user by the name “UtopianFuture” started NEM with initial plans unfortunately dismissed, and an entirely new codebase adopted in its place. After open calls for public participation on BitcoinTalk were started, a community-favored cryptocurrency was born.

NEM was launched in March 2015, hosting a Java written program with C++ language. The commercial blockchain Mijin uses the NEM blockchain software and is being tested in private companies and financial institutions in Japan and in other parts of the world. The partnership between NEM and Tech Bureau, which operates Japan-based crypto exchange Zaif, led to the creation of a new blockchain engine in April 2016.

The NEM Infrastructure Server (NIS) is the first constituent of its architectural structure. It is also called the node which interacts with the second aspect which is the client. The Nano Wallet is its cryptocurrency wallet. HTML is its basic building block with a touch of JavaScript. The non-complex portion is built on the program, JavaScript while its magnetic memory base is written in Java.

Immediately after the Coincheck hack earlier this year, some NEM funds—believed to have been part of the stolen tokens—were transferred to a third-party digital wallet. The wallet had no connection whatsoever with the hacker. According to analyzed proofs, by deductions revealed by security researchers, the funds have been transposed through 19 different accounts.

The NEM Foundation, based in Singapore, had tagged the tokens by mid-March. Despite the efforts, almost half of the stolen funds had already been laundered by the masterminds of the massive hack. The system used to tag NEM is automatic and thus essentially follows and tags any money that has traces of corruption that is wired into an account.

Coincheck Carries the Blame

Hacker hacks computer at night
The NEM Foundation later terminated its involvement in the pursuit of the trail with potential leads to the stolen funds after coming to the conclusion that the authorities had been sufficed with all the relevant and adequate information.

The hack only targeted NEM. The security breach was brought about by the deficiency of strong security strategies by Coincheck.

As such, the NEM development team turned down requests to carry out a hard fork.

The NEM Foundation later disabled the automated tagging system for unascertained reasons.

Statements claim rising tensions between the NEM Foundation and Coincheck, but with questionable accuracy.

The NEM Foundation later terminated its involvement in the pursuit of the trail with potential leads to the stolen funds after coming to the conclusion that the authorities had been sufficed with all the relevant and adequate information.

As is expected, the hackers will launder the money by cashing out the coins in their possession. These have been acquired through the trade of the NEM funds among other crypto-related crimes. This is most likely to be done in overseas exchanges where they are not coherent to the stringent know-your-customer norms.

Details in the report cited the disclosure on the existence of the NEM funds in other cryptocurrencies acquired through the swap trades, disseminated across many digital wallets among multiple addresses. Each one of the wallets contains Bitcoins worth millions of Japanese Yen.

Compensation Promised

The hack prompted two Japanese cryptocurrency trade groups to amalgamate into a new self-regulatory organization. The Financial Services Agency took administrative action by requiring Coincheck to upgrade its security practices. However, they did not order the exchange to close shop, out of concern for the protection of the welfare of the users.

Despite the supposed investigation by the authorities in Tokyo, the swap has progressed with an unexpected rapidity. According to the Foundation, NEM protocol’s suppleness allows the trace of transactions in real-time if they are decentralized.

This, in turn, helps exchanges to pinpoint wallets affixed to malicious activity. Stolen tokens are therefore effectively of no use and unless they are flagged off by NEM, they can be deposited into accounts.

Coincheck had initially hinted at difficulties in reimbursing of all its users affected by the massive hack but later made an announcement that it would keep the promise to compensate all the 260,000 users in Japanese Yen using its own capital.

By March, Coincheck initiated refunds to clients who had held NEM and who were affected by the hack. It has undertaken the distribution of restitution and the process to full compensation is underway.



With the urge to know more about everything around us, I am an enthusiast researcher and writer with keen interest in expanding my knowledge in a bid to be well versed. Through writing, I express and share my feelings, ideas, and thoughts for like minded individuals.
Write for us


The articles and content found on Dark Web News are for general information purposes only and are not intended to solicit illegal activity or constitute legal advice. Using drugs is harmful to your health and can cause serious problems including death and imprisonment, and any treatment should not be undertaken without medical supervision.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.