Researchers claim to have traced Coincheck NEM to Canadian exchange

Researchers from Blockchain Intelligence Group Inc. (BIG) are claiming to have traced some of the coins from the $500m Coincheck Inc. hack to a Canadian cryptocurrency exchange.

BIG, which touts itself – and its blockchain search and analysis tools – as “the global standard for cryptocurrency search and data analytics”, says its forensics and investigations division believe a chunk of the $523m cache of stolen NEM (XEM) coins are being routed through said Vancouver-based exchange, being converted to other cryptocurrencies and then possibly routed back to Japan, where Coincheck is based.

Bloomberg is quoting BIG’s president, Shone Anstey, as saying “We felt it was a significant amount that warranted looking into,” though the company declined to name the exchange in question or the amount it believes it’s tracked down. Based on the locale, though, Quadriga CX and Taurus would probably be top of the list.

Anstey also said “They [the thieves] are trying to move it before the door is closed, but there is a lot to move.”

One of the big issues with stealing cryptocurrency such as NEM is that the funds can be traced through a ledger that is viewable by anyone – though the identities of those undertaking any transaction can be kept anonymous. BIG, presumably, used such information alongside the tech that powers its QLUE surveillance and reporting package to track them. Previously, Coincheck identified the 11 locations where the 523 million stolen coins were stashed, labelling them with a simple message: “coincheck_stolen_funds_do_not_accept_trades : owner_of_this_account_is_hacker.”

If BIG is correct, though, it would appear that the hackers are following the tactic of moving small caches of the coins over time – which was predicted as one possible way that they could get away with at least some of the currency. Whether or not law enforcement – or Coincheck – have identified any suspects or suspect in the case is not yet known.