Japanese Exchanges ‘Punished’ By FSA Regulators

  • FSA suspended trading on 2 Japanese exchanges for 30 days
  • 5 Japanese exchanges were found to have inadequate security and most produce a security audit by March 22nd

The Japanese Financial Services Agency (FSA) stated on Thursday 8th that it has suspended two cryptocurrency exchanges. Each suspension is a month long and starts from today. The suspension has been ordered as the result of poor security and compliance standards.

Bit Station and FSHO were the exchanges that had trading halted for a month. However, 5 other exchanges came under fire from the FSA and must produce and submit a ‘Security Improvement Plan’ by March 22nd. 

The FSA found these five exchanges to have insufficient security measures. Those five exchanges are Tech Bureau, GMO Coin, Mister Exchange, Bicrements as well as Coincheck.

Coincheck

Coincheck suffered one of the worst cyber heists in history in late January this year. Over $500 million in NEM were stolen. It is thought that the heist prompted Japanese regulators to conduct more thorough checks of all crypto exchanges in the country. The Coincheck CEO Koichiro Wada even agreed with the FSA decisions and said that the current systems:

“Weren’t in keeping with the expansion of our business”

Coincheck CEO Koichiro Wada

Coincheck said a hacker used malware to infiltrate the network, the hacker then proceeded to steal an encrypted key which was used to transfer coins out of the exchange. Despite claiming to store the majority of their funds in ‘cold storage’, the coins were stolen from ‘hot wallets’ which are exposed to the internet making the coins more vulnerable.

Unregistered Exchanges

According to an article from Reuters, many of the exchanges in Japan are unregistered with the FSA. 

“It’s problematic that these 16 unregistered exchanges have been able to continue trading... In the first place, should they have been allowed to operate while their applications for registrations are still incomplete?”

Sanae Takaichi

It is not just the unregistered exchanges that have been deemed to fall short in security measures. The FAS found that GMO Coin, a registered exchange, was suffering system glitches frequently and the exchange was unable to identify the root cause of the glitch. It is the FSA's hope that, by ordering security reports for March 22nd, another possible Coincheck scenario can be avoided.

Coinbase Doesn’t Want You to Get Scammed on Telegram

On Friday (April 19), cryptoasset exchange Coinbase's security team explained how various "threat actors" are trying to use Coinbase's brand to commit scams on messaging platform Telegram. 

Telegram is a free cloud-based messaging app with the ability to make voice/video calls. It is available as a web app, a mobile app (OS and Android), and a desktop app (MacOS, Windows, and Linux). In recent years, it has become the messaging platform of choice for cryptocurrency traders/investors, developers, and entrepreneurs for various reasons, such as the ability to create price bots.

In a long, detailed article published on Friday, Matt Muller, Head of Security Operations at Coinbase, started by pointing out that "Coinbase does not provide support through Telegram, nor do we have any authorized groups or channels." (In fact, "Coinbase has no official presence on Telegram," and "any usage of the Coinbase logo or brand on Telegram" should be considered a scam.)

He then went on to say that Coinbase's security team has been following the activities of "several threat actors attempting to leverage the Coinbase brand on Telegram for purposes ranging from crypto scams to account takeovers." 

In order to help users of Coinbase and other exchanges recognize "the signs that they may be talking to a scammer," Muller outlined some of the most common scam techniques on Telegram.

  • Employment Scams"Scammers on Telegram impersonate Coinbase recruiters and executives with fake career opportunities. These scams prey on job seekers, soliciting payment for training materials, mining hardware, or in some cases providing stolen financials for the purposes of money laundering. These job offers will appear very legitimate, with forged offer letters and seemingly astute interview questions. Coinbase recruiters will never contact job seekers via Telegram."
  • Giveaway Scams: "Impersonations of our executives and brand to perpetuate giveaway scams are becoming increasingly common on Telegram. One channel in particular, titled simply Coinbase, advertises a new giveaway scam almost daily."
  • Load-up Scams: "Telegram frequently hosts scammers advertising the buying or 'loading' of accounts with high limits. These scammers ask to access your Coinbase account, so they can use your verified limits to buy digital currency. While they claim to split profits with the account holder, in actuality, they use stolen credit cards and bank accounts, leaving you responsible for facilitating a financial crime. When the legitimate card or account holder reverses payments, you will be responsible for any account delinquencies caused by the fraudulent bank reversals. In many cases, the scammer will lock you out of your account, use your own payment methods without consent and steal any available digital currency."
  • Tech Support Scams: "Scams impersonating customer support take many shapes and sizes... Scammers will impersonate Coinbase or Coinbase employees, asking you to take action that results in theft of digital currency. Some scams involve fake promo offers. Many of these scams ask for remote access to your computer, something Coinbase personnel will never ask for... In other situations, the scammers pressure you into 'upgrading' or securing your Coinbase account by sending digital currency to their external address."
  • Coin Listing and ICO Scams: "Scammers on Telegram often approach project developers soliciting payment for asset listings on Coinbase and other digital asset exchanges. In addition, scams promising investment bonuses on new ICO listings are prolific."

Featured Image Credit: Photo by "geralt" via Pixabay.com