QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$87 000 000 USD
AUGUST 2018
CHINA
NONE
DESCRIPTION OF EVENTS
"In March [2018], Zhang had registered a complaint with the police department in Xi’an, the capital of the Shaanxi province in central China. The Chinese resident claimed that digital currency worth about $14.5 million had been stolen from his crypto account after his computer was hacked." "In total, digital currencies valued at around $87 million (or 600 million Chinese yuan) has been reported to be stolen from crypto accounts belonging to private local corporations and individuals."
"The Chinese police officers began investigating the cryptocurrency heist in March 2018. It began when a man from the city filed a complaint regarding his stolen cryptocurrency tokens. The man noted that 100 million yuan in Bitcoin and Ethereum was stolen from him."
"The Jakarta Post reported that the transfer of the stolen cryptocurrencies provided the Shaanxi police with a digital trail. It was, however, an extremely difficult task. The Chinese police had to analyze over 30,000 pieces of information and work with domestic internet companies before they could find the trail but once they found the trail, it led them to someone called Zhou who was located in the Central Province of Hunan."
"According to police reports, local authorities have now managed to identify a suspect, with the last name Zhou, who may have hacked into Zhang’s computer and stolen his crypto assets. Police investigators noted that Zhou’s online activities were tracked with the help of several unnamed local internet companies."
"Notably, the investigation also led to the arrest of two other Chinese hackers who are suspected of stealing millions of dollars worth of cryptocurrency by breaking into the personal computers of various other local residents."
"These hackers were found to have been using malware programs to alter the intended recipient’s crypto address to one belonging to them. This malicious activity has reportedly led to huge amounts of digital currency being stolen, as the payments are sent to the cybercriminals’ accounts, instead of the intended recipients."
"A task force was set up and a preliminary investigation revealed that hackers had used remote hijacking techniques to gain access and control of cryptocurrency accounts belonging to the victim – only identified as Zhang – with nearly no footprints of the crime."
"The investigation progressed and three months later, the task force was able to spot a suspect, named Zhou, with the help of ‘well-known’ internet companies in China. Authorities kept their distance and began tracking Zhou’s activities for a further two months. Before long, police identified two other accomplices by snooping in on Zhou’s communication." "The investigators enlisted the help of internet companies and police across the country. After three months of work, a suspect ("Zhou") was identified. Zhou was observed for two months, and two accomplices ("Cui" and "Zhang") were identified."
"The three suspects from China’s capital Beijing and its Changchun and Hunan provinces were taken into police custody on August 15th, after a 30-day investigation by local authorities. These arrests have reportedly been linked to a complaint filed by a Chinese citizen with the surname Zhang." "The three were arrested in a coordinated operation on August 15 in Hunan, Changchun, and Beijing. All suspects turned out to be experienced hackers, and their haul estimated at 600 million yuan."
"Chinese authorities believe that the three identified suspects might be responsible for the theft." "The South China Morning Post reported that the three suspects were very experienced with hacking technology and that they were interested since they were 12 and 13. Furthermore, the three hackers also had extensive corporate experience and worked for large internet companies."
"The hackers apparently separated the money from the cryptocurrency heist. They broke the total amount into smaller components and underwent many transactions to cover their tracks."
An officer in Shaanxi commented: “Unfortunately, our bureau has not dealt with this kind of case before. It’s the first virtual currency-related case in Shaanxi.”
"Although police investigations are still ongoing, the large amount of cryptocurrency allegedly stolen raises serious concerns, as there are now numerous cases of cybercriminals targeting digital currency investors."
More than $87m worth of cryptocurrency appears to have been stolen from Chinese investors, including $14.5m from one investor. These thefts apparently happened through hacking into their computers and installing malware which swaps the cryptocurrency addresses for payments.
HOW COULD THIS HAVE BEEN PREVENTED?
Care needs to be taken whenever signing a transaction to ensure that the recipient is correct. It is best to make regular use of a separate computer or hardware wallet for transaction signing, which is not used for any other activities and ideally kept offline.
$87 Million In Cryptocurrency Allegedly Stolen By Chinese Hackers, Local Authorities Report | Cryptoglobe (Apr 23)
https://crypto.news/three-suspects-in-chinas-biggest-87-million-cryptocurrency-heist-arrested-by-police/ (May 24)
https://www.scmp.com/news/china/society/article/2160387/chinas-biggest-ever-bitcoin-hacking-case-sees-three-held-over?module=perpetual_scroll_0&pgtype=article&campaign=2160387 (May 26)
https://www.thejakartapost.com/news/2018/08/19/chinese-police-arrest-suspects-after-87-million-cryptocurrency-theft-.html (May 26)
https://www.ccn.com/chinese-police-arrest-hackers-behind-87-million-cryptocurrency-theft/ (May 26)
Three Arrested in China Over $87 Million Cryptocurrency Hacking Theft | Finance Magnates (May 26)