The hackers behind the theft of cryptocurrency worth a whopping 58 billion yen ($530m, £380m) from a Tokyo-based exchange called Coincheck is using the dark web in an attempt to exchange the funds for bitcoin, police investigators close to the probe have revealed.
Speaking to Asia Review, sources said the culprits are using the anonymity provided by the dark web to help launder the stolen cryptocurrency, which is known as NEM.
Officials said those linked to the account where hijacked NEM was sent have been sending messages to potential buyers which contain a URL promising "15% off".
The link directs to an English-language site detailing the transfer offer, Asia Review said.
It remains unclear which dark web-based site the cybercriminals are currently using. Typically, markets operate in a similar fashion to eBay – advertising vendor 'shops', a selection of listed goods and contact forms for buyers and sellers to communicate securely.
Bitcoin is the most popular method of payment on this underground internet, often linked to the trading of stolen accounts, drugs, weapons and hacking tools. "I would guess this person is using the darknet because it helps disguise his or her identity," an expert, unnamed, told Asia Review. "Eventually, he or she will exchange this for cash."
When it was made public, in January this year, the hack was quickly branded as one of the biggest cryptocurrency heists of all time. South Korea's intelligence experts believe that North Korea could be responsible for the incident in Japan, Reuters reported this week (5 February).
North Korea is known to use computer hacking to wreak havoc across the world, and has in the past been linked to a global outbreak of ransomware known as WannaCry. Pyongyang's cyber teams conduct covert operations to make money for the regime, and research has shown how they frequently target casinos, banks and crypto exchanges.
Last month, Coincheck promised it would soon reimburse any customers who had their NEM coins compromised. "We apologise for any inconvenience and worry to you and everyone involved, including our customers," it said. "By steadily implementing improvement measures to be formulated in the future, we will make our best efforts to restore customer trust."
Tokyo's Metropolitan Police Department later launched an operation to investigate the heist.