Canaan’s Former Chairman Jack Kong Faces Crypto Project Hack From Insider
China-based computer hardware manufacturer Cannon has disclosed the hacking of a cryptocurrency project in which its former chairman, Jack Kong, had invested.
The hacker was an insider from a crypto project and fled to Thailand following the crime. “The hacker fled to Thailand but was arrested and returned to China within 48 hours after working with the Chinese police,” Wu Blockchain read in a tweet.
“The hacker has been hiding for a long time, secretly photographing passwords and changing hardware wallets.”
Kong wrote on Oct. 1 that crypto project imToken immediately investigated the issue and initially believed it to be phishing.
“Initially, there was no suspicion that it was an insider crime. Although it was concluded that EmToken did not involve fake wallet customers, authorized fraud and lido phishing, it is unlikely that the group did not have a specific target of suspicion.
Kong received the information about the attack from the project team and immediately assisted the team by contacting several institutions.
“But I decided to reduce the investment completely because of the uncertainty of getting the money back,” he added.
Insider risk
Kong said a few hours later another breach was reported from “another large wallet”. It was only after this that the project team started investigating the insider hack further and reported the matter, he added.
He was charged by the police the next day, Kong's tweet read. With the help of crypto exchange Bitmart and blockchain security platform Slow Mist, the crypto project helped the police by issuing verification letters to various platforms.
“The suspect tried to get some Thai baht online, thinking no one could find him. The suspect was arrested by the Chinese police on the mainland.
Kong warns the hackers that as long as they try to withdraw stolen funds, “unless you take these coins to the grave,” there will be a way to track them down.
He also stressed that whenever a theft occurs, companies must simultaneously investigate internal and external crimes.
Safety education for users
Kong urged crypto firms to establish security education, including practical “realistic theft simulation training and prevention.”
“Most people don't have personal experience when it comes to safety education.”
He suggested that capable institutions and individuals form a “security DAO” together. This helps experienced teams engage in education, training and detection, which speeds up the investigation process and enables the recovery of stolen assets before hackers attempt to withdraw funds.
His post also confirmed that almost 100% of the stolen funds were recovered. “A very small part and the GAS lost in the coin simulation process were not found,” Kong added.
