An 18-year-old Japanese teenager has been arrested and sentenced after he stole $134,000 in MonaCoin (MONA) by finding a flaw in the Monappy app. It’s the first time the Japanese authorities have arrested and charged someone with theft of cryptocurrencies in the country since it introduced its sweeping regulations. Monappy noticed its MONA stores were running unusually low and were alerted to the issue after the hacker had been draining funds for just over a month between August and September 2018.
How Does the Hack Work?
While it’s not exactly a hack, the teenager noticed a flaw in the app’s codebase that allowed you to send as much MONA to your own wallet as you like if you make several transactions relatively quickly. In court, the teenager admitted to using the flaw in the codebase to steal MONA, saying
I felt as if I’d found a secret trick and thought I would take out all of the MonaCoin.
Using Tor Browser to Leverage Security
The teenager was rather smart in how he went about infiltrating the app to steal its stockpile of MONA. He employed the use of the Tor browser in a bid to mask his identity and encrypt the traffic coming from his machine. The Tor browser helped him evade detection when Monappy first launched its investigations and allowed him to escape the law for a significant amount of time. Eventually, the Japanese authorities managed to track his activities to his IP from the transaction data he left behind on servers.
Japan Leading the Way in Crypto Regulations
Attacks and hacks of this nature are rather uncommon in Japan, as it has one of the most stringent regulatory processes in the world. The Japanese Financial Services Authority (JFSA) first released crypto regulations in 2018, and have already announced amendments to make the industry more secure.
Thieves Facing Jail Time
When it comes to stealing crypto, most thieves are being caught by the relevant authorities. Over in Australia, a woman who stole 100,000 XRP was finally caught after she transferred the funds into her own personal wallet – a rookie mistake. Fortunately, many crypto thieves are making the same mistake and getting caught rather easily. Europol managed to capture the man who stole $10 million in IOTA tokens after he made the same mistake.
The teenager has been issued with a two and a half year suspended sentence, while Monappy have been ordered to fix the flaw in its codebase to prevent issues like this happening again.