It appears a major breakthrough has occurred regarding one of the most recent cryptocurrency-related hacks. A Japanese teenager has been arrested for stealing over $1250,000 in cryptocurrency. During his attack, he exploited the Monappy social media network and the web-based Monacoin wallet in 2018. It is good to see this investigation yield results.
Monacoin Hack Perpetrator is Caught
A lot of people were surprised to learn the web-based Monacoin wallet suffered from unauthorized third-party access several months ago. This turned out to be part of an ongoing hack of Monappy, a somewhat popular social network in Japan. While both incidents were related to one another, it has taken the investigators some time to put all of the puzzle pieces together. The hard work resulted in the arrest of an 18-year old resident of Utsunomiya, Tochigi.
As it turns out, the unnamed individual confirmed he successfully attacked the Monappy social network between August 14 and September 1 of 2018. All he used was a smartphone, the Tor protocol, and some basic skills to properly infiltrate this system. The end result is how over 73,0000 Monacoins were stolen from over 7,700 Monappy users. Whenever a cryptocurrency-related theft occurs, the money is hardly ever recovered, let alone having the perpetrators arrested.
After a thorough investigation, it seems the hacker took advantage of a weakness in Monappy’s “gift code” feature. As such, he overwhelmed the system by sending himself Monacoins and using the same gift code over and over again. It is unclear why such an exploit was not discovered during the testing phase, as it can have catastrophic effects. The Monappy ram made all of the transaction-related information publicly available later on.
By properly analyzing the transaction logs, the Tokyo Metropolitan Police Department successfully managed to identify the hacker. Although he used Tor, it seems his attempt to remain anonymous failed. Why that is exactly, has not been disclosed at this time. Tor is not a foolproof solution to maintain anonymous, but in most cases, it makes it a lot harder to identify users. However, without additional countermeasures, it is far from a perfect solution.
This is also the first time a Japanese individual has been arrested and has to deal with several charges for cryptocurrency-related hacking incidents. While the Japanese police arrested other youngsters in the past, those incidents involved using malware and ransomware. While cryptocurrency adoption is booming in Japan lately, it also seems to attract a lot of “bad behavior” these days.
The main question is whether or not any of the stolen funds will be returned to its rightful owners. Although the Monappy service has been suspended ever since the attack took place, it is good to see some progress being made regarding this investigation. Rest assured this incident was far from the final hack affecting Japanese cryptocurrency users. However, it remains to be seen what other evidence this particular investigation may turn up now that the culprit is in custody.