Last week, a hacker or group of hackers stole what is now being valued at more $500 million worth of the NEM cryptocurrency from Tokyo-based digital currency exchange, CoinCheck. On Tuesday, the people behind the biggest cryptocurrency theft of all time attempted to sell the stolen XEM coins, according to the NEM Foundation, the group behind the token.
Jeff McDonald, the vice president of the Singapore-based foundation, said NEM was able to track the stolen XEM to a single anonymous account and that the person or people behind it were trying to sell the coins on six different exchanges.
“He is trying to spend them on multiple exchanges. We are contacting those exchanges,” McDonald told Reuters.
McDonald could not put a figure on how many of the stolen coins have already been sold or where the account under investigation is located.
NEM is the tenth largest cryptocurrency according to CoinMarketCap and last week’s heist dealt severe blows to Coincheck, who has yet to resume full service, and the cryptocurrency market as a whole.
According to Time, Coincheck was using different security measures for certain cyrptocurrencies. NEM tokens were being stored online in “hot wallets” as opposed to offline in more secure “cold wallets.” The Japanese exchange also admitted to not using the multi-signature security measure, which requires at least two people in order to access the funds stored in a specific wallet.
This left the exchange extremely vulnerable to the same types of attacks multiple cryptocurrency services have suffered in the past.
The Coincheck attack has raised some serious concerns about the security measures surrounding cryptocurrency, as this hack was not the first and will likely not be the last, according to Wall Street analyst Nicholas Colas.
“I think [the attack] does highlight the fact that the industry still has a long way to go in terms of basic issues of security,” Nicholas Colas, co-founder of DataTrek Research, told CNBC.
It has never been clearer than now that any cryptocurrency service with millions of dollars worth of tokens parked in their servers should take the utmost security measures to protect users’ funds. If not, hacks like this will continue to occur and a market that has already experienced extreme volatility won’t get any better.