Japanese hacker arrested for stealing more than $ 130,000 in cryptocurrency

An 18-year-old Japanese citizen was reportedly taken into custody for stealing 15 million yen (about $ 134,300) in cryptocurrency.

According to the Japan Times, the accused stole a large amount of funds by hacking a website dedicated to cryptocurrency. This is one of the first times that Japanese prosecutors are investigating a case of cryptocurrency theft (by an individual).

More than $ 100.00 in crypto stole Monappy user accounts

As stated in the incident report, the alleged offender is a resident of Utsunomiya, Tochigi Prefecture. However, his name has not been revealed because he is still considered minor under Japanese law.

The alleged theft of over $ 100,000 in cryptocurrency occurred between August 14 and September 1, 2018, police officials said. The accused allegedly stole the funds by hacking a website called Monappy, which merchants use to manage Monacoin cryptocurrency.

A hacker tries to hide his personal information with the help of Tor encryption software

As stated by the Japanese authorities, the hacker used Tor's peer-to-peer (P2P) encryption software to hide personal information, including its IP address. Despite efforts to cover his tracks, security researchers working for the local police department managed to locate the culprit. This, after badyzing the communication logs left by the hacker on the server of Monappy.

According to local authorities, the accused admitted that he was involved in financial crime. The 18-year-old commented, "I felt like I had found something that nobody knows and I did it like I was playing a video game."

Although the way the attacker managed to steal the funds is unclear, police officials said they were able to exploit a vulnerability in the code base of the website that involves sending funds users. The hacker claimed to have found a flaw in the security of the website's transaction system that was malfunctioning if someone was trying to repeatedly transfer cryptocurrency for a short time.

7,700 affected users will be compensated for stolen funds

According to the 18-year-old offender, he had repeatedly sent requests for the transfer of cryptocurrency to his own account, which would have caused the system to malfunction. This, he says, allowed him to transfer a large amount of cryptocurrency to his address. About 7,700 crypto investors who use the Monappy website have been affected because of the security breach. Commenting on the incident, Monappy's management acknowledged that their site had been hacked and that it would reimburse the victims.

Other details of the incident report revealed that the hacker had transferred the cryptocurrency stolen into Monacoin (MONA) on an account that he had opened on another cryptographic site. After transferring the Monacoins, the hacker said he converted crypto into another digital badet to buy various items, including a new mobile phone.