An 18-year old Japanese computer wiz has reportedly been arrested by the Japanese Authorities for allegedly stealing ¥ 15 million (equivalent to about $134,400) in cryptocurrency. According to the report published by Japan Times, the individual stole the funds by successfully hacking a website related to cryptocurrencies. Japan Times also notes that this is the first time that Japanese prosecutors involved themselves in a case related to the theft of cryptocurrency by an individual.
The report states that the accused individual is a resident of Utsunomiya, Tochigi Prefecture. However, the authorities and prosecutors have not revealed the name of the accused as he is still a minor under Japanese law. Authorities revealed that the hacker’s attempts to hack the website and steal the cryptocurrencies occurred between 14 August and 1 September 2018. The victim website hacked by the boy is called Monappy which is used by crypto traders to manage their Moanacoin digital tokens.
According to the local police, the hacker used a smart technique to hide his identity during the hacking attempts. The accused was using Tor P2P (peer-to-peer) encryption software to hide his personal details along with the IP address of his computer. While the individual was able to hide his identity during initial rounds of investigation, the security researchers working with the Japanese police were able to uncover personal details of the hacker by analyzing the communication logs between Monappy’s server and the offender. The personal details uncovered were then used to locate and arrest the culprit.
The accused has admitted to being involved in the crime, according to the authorities. The 18-year-old stated that he felt like he had found a trick that no one will be able to beat and that he did it as if he was playing a video game.
The exact details of how the theft was made possible are still unclear or are being kept secret by the authorities for obvious security reasons. The hacker has claimed that he found a security vulnerability in the Monappy website’s codebase which he was able to exploit after gaining access to the servers. According to the offender, a loophole is present in the website’s transaction system that makes it malfunction if multiple transfers are initiated within a small timeframe.
The hacker told the authorities that he repeatedly sent transfer requests to his own account which was enough to make the security loophole cause a malfunction in the transaction system. After that, the offender was able to make a large transfer to his account. An estimated 7,700 Monappy users have been affected by the breach. Monappy’s management acknowledged that their website had been breached and has promised to reimburse all the victims.
Obviously, the hacker had transferred all the stolen Monacoin to his crypto account on another website. He claims that he converted the digital coin into another digital asset which he then used to buy a lot of stuff he wanted.