A New Zealand cryptocurrency exchange could hold the key in identifying the hacker who stole the equivalent of about 58 billion yen ($530 million) from the Tokyo-based Coincheck Inc. virtual currency exchange.

In recent days, frequent withdrawals and deposits have been made between Cryptopia, a digital currency exchange operated by a New Zealand-based company, and accounts that were set up by the hacker.

An Asahi Shimbun analysis of transactions records found that the hacker had stored the stolen NEM currency in 45 different accounts as of early Feb. 8.

Police are following the movement of funds for possible clues that lead to identifying who was involved in the hacking scheme.

There are signs that some of the NEM coins were transferred to nine digital currency exchanges in such locations as the United States and the Czech Republic.

Each NEM transfer involved the equivalent of between 60 yen and 900,000 yen based on the latest exchange rate.

Indications also point to NEM coins being sent to and from an account at the Cryptopia exchange.

Between Feb. 1 and early Feb. 8, 21 deposits worth the equivalent of about 400,000 yen were made to a Cryptopia account from the hacker’s accounts.

Conversely, at 1:41 a.m. on Jan. 31 the equivalent of about 60 yen in NEM coins was deposited from the Cryptopia account to an account used by the hacker.

And at 3:16 a.m. on Feb. 1, NEM coins worth about 20,000 yen were deposited into another account held by the hacker.

It is possible that NEM coins deposited into the Cryptopia account were converted into another digital currency. But it was impossible to confirm such transactions from outside the exchange.

The Asahi Shimbun sent six e-mails to the operating company of Cryptopia with questions about the cryptocurrency movement, but the company has not responded.

Takayuki Sugiura, an Internet security specialist who is knowledgeable about cryptocurrency transactions, said the hacker likely set up a Cryptopia account beforehand to exchange the stolen NEM coins for other digital currencies.

“There is the possibility of obtaining vital information that could lead to identifying the hacker,” Sugiura said.

He noted that individuals would have to provide their names and e-mail addresses when registering with a cryptocurrency exchange.

Sugiura also said other important information might exist, such as the IP address used when accessing the exchange and ID documents that are required to transfer large amounts of cryptocurrency.

(This article was written by Tatsuya Sudo, a senior staff writer, and Chihiro Ara.)