Hackers Growing Smarter, But Japanese Crypto Exchanges Say They’re Fighting Back

Crypto Exchange Japan
bitFlyer executive says hackers use advanced AI tools and LOTL attacks to target staff and networks
Last updated:
Author
Author
Tim Alper
About Author

Tim Alper is a British journalist and features writer who has worked at Cryptonews.com since 2018. He has written for media outlets such as the BBC, the Guardian, and Chosun Ilbo. He has also worked...

Last updated:
Why Trust Cryptonews
With over a decade of crypto coverage, Cryptonews delivers authoritative insights you can rely on. Our veteran team of journalists and analysts combines in-depth market knowledge with hands-on testing of blockchain technologies. We maintain strict editorial standards, ensuring factual accuracy and impartial reporting on both established cryptocurrencies and emerging projects. Our longstanding presence in the industry and commitment to quality journalism make Cryptonews a trusted source in the dynamic world of digital assets. Read more about Cryptonews

Crypto exchanges’ past security woes are well documented. But in 20204, they continue everywhere, with multi-million dollar hacks now a seemingly regular occurrence.

Last month, Chainalysis reported a drop in overall illicit crypto transactions. But it also noted that this year has already seen a 2.8% rise in hacking attacks.

By the midpoint of this year, the cumulative value of stolen cryptocurrencies had hit the $1.58 billion mark. That represents an 84% increase compared to the same period in 2023.

Crypto Exchanges: A Top Target for Hackers?

For hackers, exchanges represent the biggest prize in the crypto world. In many cases, millions of USD worth of transactions pass through their platforms every day.

Arguably nowhere on earth has felt the pain of hacks quite as acutely as Japan. The Mt. Gox hack of 2011, and the platform’s eventual collapse in 2014 were crippling blows.

And a potential coup de grace followed in early 2018, with the Coincheck hack – then the biggest hack in crypto industry history.

These security breaches rocked the confidence of Japanese investors, once some of the most crypto-keen people on earth.

Earlier this month, a top Japanese exchange chief noted that yen-Bitcoin trades made up 50% of the global BTC market in 2017-2018.

Japan’s presence has since dwindled to a “small” and “fading” percentage of the global market share.

Surely, the only antidote to Japanese crypto crises will be proving that the sector’s security worries are a thing of the past. So how are exchanges hoping to do this?

Big Challenges for Japanese Platforms

Keisuke Igarashi, the PR Manager at the CEO’s Office at bitFlyer, hints that the task is not easy.

He concedes that hackers’ attacks on crypto asset exchanges are “becoming more sophisticated every day.”

Igarashi told Cryptonews.com:

“In addition to traditional phishing mail attacks targeting employees from the outside, hackers have been contacting employees via social networking services to gain their trust. They try to encourage them to install malicious software.”

In some cases, hackers get even more devious. They have begun hijacking the social networking accounts of former staff members. Attackers then use these accounts to contact current employees.

“There have been recent cases where people have applied for employment positions using profiles and images created by generative AIs.”

Keisuke Igarashi, CEO’s Office PR Manager, bitFlyer

bitFlyer says it is responding to these rising threats by collaborating with industry associations and external organizations. These include the JC3 Japan Cybercrime Control Center and the National Police Agency.

A graph showing trading volumes on the bitFlyer crypto exchange over the past 12 months.
Trading volumes on the bitFlyer crypto exchange over the past 12 months. (Source: CoinGecko)

Sharing data is another powerful tool, Igarashi said. When the platform detects an “advanced attack,” exchange staff “widely disclose the attack method.”

This tactic, Igarashi said, can help “make similar attack methods and attack codes obsolete.”

“It makes it impossible for hackers to use the same methods on other companies. So the attack methods they have developed will be wasted.”

Igarashi

Igarashi noted that bitFlyer has stayed hack-free thanks to factors such as a “high level of security awareness” among its employees, the use of in-house developed wallets “with security in mind,” and “thorough” compliance protocols.

However, even measures like these will be put to the test by next-generation hackers, whose arsenal of tech tools expands by the day.

In the future, Igarashi explained, exchanges will have to deal with advanced social engineering attacks that use AI tools to infiltrate networks.

Exchanges are also concerned that “increasing geopolitical risk” may see “new attack actors” join the fray. Many of these may use “unknown attack methods,” the bitFlyer executive warned.

Some use sophisticated so-called living off the land (LOTL) attacks. These attacks typically use pre-existing software and bona fide system tools to execute malicious activities.

And that, security experts say, lets many attackers go undetected. Igarashi said:

“State-sponsored attack actors have abundant resources and tend to conduct attacks with an awareness of LOTL. That makes it extremely difficult to detect attacks. We need to develop an environment that does not allow LOTL attacks.”

A group of bitFlyer employees.
A group of bitFlyer employees.

Again, a concerted, industry-wide effort could provide the solution. The bitFlyer executive said that as attack codes “tend to be used for multiple platforms,” players needed “countermeasures to avoid creating weak points on different platforms.”

In Japan and nearby South Korea, strict regulations have limited the number of international tech players active in domestic markets.

This has led to the growth of a scene that is still largely dominated by domestic tech startups. However, experts have previously told Cryptonews.com that many East Asian crypto exchanges are “low-hanging fruit” for hackers.

When asked if this was still the case, Igarashi answered:

“Although it is difficult to answer this question due to the lack of accurate statistical data, one could think that there seems to be a tendency.”

Exchanges: Taking the Initiative

The Japanese industry’s painful memories of the Mt. Gox and Coincheck hacks have led domestic exchanges to take the bull by its horns.

A graph showing Mt. Gox’s BTC Balance and USD Value from Jan 2015 to mid-2024.
Source: Dune/@21co

After the events of early 2018, industry chiefs, including the bitFlyer CEO Yuzo Kano, launched a new self-regulatory body.

Named the Japan Virtual Currency Exchange Association (JVCEA), this body systematically audits its member exchanges, ensuring they comply with rules and regulations.

“The JVCEA has worked to create an environment in which transactions can be conducted with peace of mind, thereby restoring public trust.”

Igarashi

Exchange staff are also working on initiatives like the Cryptoassets Governance Task Force (CGTF), a study group that tries to establish industry-wide security standards.

Kano and others say they are also working on security and investor protection methods with Tokyo officials. Igarashi concluded:

“We will continue to work with the government and industry associations. We want to improve the environment so the industry can continue to earn the trust of society.”

More Articles

Industry Talk
Dogecoin Price Chops as a 700 Million Whale Transfer Leaves Investors in Awe – What’s Next?
Joel Frank
Joel Frank
2024-10-15 17:07:54
Industry Talk
Can NEIRO Make Millionaires in 2024? NEIRO Price Analysis 
Tim Hakki
Tim Hakki
2024-10-15 16:42:00