Here a hack, there a hack, everywhere a hack hack.
Sometimes we feel like a broken record here warning people about the risks of storing funds in exchange hot wallets. But it seems there’s always a few people who miss the message. Sadly, that’s exactly what happened with some unfortunately folks who stored their funds with Japanese exchange Zaif, which suffered a massive hacking theft a few weeks ago. Now, it appears the victims may have to wait a while before they receive compensation for one of the largest thefts in crypto history.
The Zaif Exchange Hack: What Happened
Last month a story broke that Zaif had been attacked by hackers who made off with ¥6.7 billion ($60 million in USD) in bitcoin, bitcoin cash and monacoin. Of that amount, approximately $40 million was taken from customer hot wallets.
The story broke on September 20th when the company publicly disclosed that their security had been breached. The actual theft however occurred six days earlier during a two-hour window of time on September 14th.
It’s not entirely clear what happened next, but it appears that Tech Bureau Corp, the company which owns Zaif, did not find out about the attack until 3 days later on September 17th, after which they reported the incident to the Financial Services Agency (FSA), the primary financial regulatory body of the Japanese government.
A False Sense of Security
What makes this hack even worse was Zaif’s insistence that their platform was safe and “practically impossible” to breach.
“We externally block the exchange system at multiple levels, and we are building a system security environment where hacking into the internal system is practically impossible. Therefore, all outside access to the database, etc. is impossible.”
Incredibly, this text is STILL up there on their site after the attack.
A story involving an “unsinkable” double-hulled ship comes to mind.
The perpetrators of cryptocurrency exchange hacks are rarely caught. In the six days that elapsed between the actual theft and when the public was informed, those funds were sent to wallets outside the country and probably swapped many times for many different cryptocurrencies to obscure the trail.
It will be practically impossible to find out where it all went, and it is unlikely that the victims will receive any justice in this case. But at least they’ll be compensated for their losses, right?
Well, that’s the hope anyway.
Tech Bureau Corp is reaching an agreement with Fisco Digital Asset Group, in which they they will receive $44.59 million in cash to compensate victims of the hack in exchange for giving Fisco a majority of their shares in Zaif. As of today, Tech Bureau has actually halted new Zaif registrations just so they can focus on tackling this problem.
Zaif had originally planned to have the compensation arranged by the end of September, but here were are, well into October, and details are still being worked out.
It’s bad enough to have your assets stolen, but if you are one of these unfortunate Zaif users, now you must wait even longer to be compensated for your losses.
Imagine keeping your money on an “impossible to hack” exchange you believed was safe, only to wake up one day and realize it’s all gone.
That money you worked so hard to earn? Vanished.
Those plans you had for your future when you eventually sold? Not happening any more.
It Doesn’t Have to be This Way
Doesn’t it make more sense to just avoid this whole mess?
The good news is that it’s now easier than ever before to protect yourself from hackers and still have access to the crypto assets you want.
With Faast, you can trade 100+ cryptocurrencies directly from your own hardware or software wallet — where no hacker can get their hands on them.
Just to the Faast website, sync your wallet and start swapping right away — no account or registration required. You can rebalance your portfolio with the push of a button and add many different assets with a single transaction. Faast is also one-stop shop for portfolio management. You can connect multiple wallets at once and generate graphs of your assets across all your wallets.