The hackers behind the theft of $550 million in NEM tokens with the Japanese cryptocurrency exchange Coincheck, it seems close to complete cash their criminal proceeds.

According to the report Nikkei, the analysis of the records of online transactions with stolen tokens NEM conducted by the Tokyo cyber security company, revealed that almost all funds were laundered through “dark web”.

The Tokyo-based company L Plus specializing in safety, confirmed that last week’s dark web portal for the sale of stolen funds NEM showed a zero balance. This web site was created 7 Feb operator, offering to exchange the stolen tokens to other cryptocurrencies.

In his analysis, L Plus reported that immediately after the robbery, on 26 January, some of the stolen NEM was listed on third-party digital wallet that is not associated with the robbery. Earlier there was news that in mid-March, the hackers are already washed 40% of the 500 million tokens, despite the fact that the missing funds were marked by the Singaporean Fund NEM.

“Decentralized flexibility of the Protocol NEM allows you to track transactions in real time, which helps the exchanges to identify the wallets associated with malicious activity,” said a nonprofit Foundation in February. — “It helps to make the stolen tokens XEM virtually unusable because they cannot be deposited already, so they were not labeled NEM”.

However, for unknown reasons, this automated marking system was disabled last week NEM Foundation. According to the Tokyo-based company cyber-security, this event has accelerated the exchange of stolen funds for other coins.

It is expected that the criminals will cash the resulting cryptocurrency exchange on foreign exchanges that do not adhere to the strict rules of the system “Know your customer” (KYC) or checking ID.

Meanwhile, Coincheck has kept its promise to pay damages to affected holders of NEM. On 12 March, the exchange began to pay compensation in Japanese yen.