Forensic Science International: Reports (Nov 2021)
How cryptocurrency is laundered: Case study of Coincheck hacking incident
Abstract
On January 26, 2018, 58 billion yen ($530 million) worth of a cryptocurrency, NEM, was fraudulently accessed, and was then stolen from the Coincheck Exchange, headquartered in Japan. This hacking incident is unprecedented not only because it was one of the world’s largest cryptocurrency heists, but also because the stolen NEM was sold and money laundered on a crypto market. Three years later, the Metropolitan Police Department, Japan, announced that more than 30 people had been charged for allegedly exchanging NEM cryptocurrency, accounting for one third of the stolen value, for other cryptocurrencies. The hackers have not yet been arrested, and how the stolen NEM was money laundered has not yet been investigated. By resolving two challenges in tracking the stolen NEM and its money laundering, this report shows that there were increasingly larger sales of the stolen NEM over time, and on the last two days of market operation, approximately one third of the stolen NEM was money laundered. Furthermore, this study reveals that there was no pattern in the hour of the day of the sales transactions whereas more sales occurred on Sundays and Mondays. This suggests that the laundering was international and that the stolen NEM was purchased by individuals. These findings emphasize the need for cryptocurrency exchanges to verify the identity of a new user when an account is opened.
