It appears that cybercriminals have realized they can get a lot more money from hitting cryptocurrency exchanges than via traditional methods like ransomware. The latest company to be targeted is Italian exchange BitGrail, which lost $170 million worth of Nano tokens.
BitGrail was careful not to use words like attack or hack in the statement it put out; instead, the firm said: “internal checks revealed unauthorized transactions which led to a 17 million Nano shortfall.”
BitGrail had been one of the largest trading sites for the RaiBlocks (XRB) cryptocurrency, which was recently rebranded as Nano because many consumers weren’t sure how to pronounce the original name.
As is usually the case following attacks on exchanges, BitGrail has suspended all withdrawals and deposits "in order to conduct further verifications," and the incident is being investigated by authorities. The company assured customers that other currencies have not been affected.
The situation hasn’t been helped by BitGrail’s recent controversies. Back in December, owner Francesco Firano tweeted that it was introducing a KYC (know your customer) policy that required users to verify their accounts before being able to make withdrawals beyond a certain limit—and some customers are reportedly still waiting for verification after two months.
Bitgrail is implementing KYC policy. Daily limits:— BitGrail Exchange (@BitGrail) December 19, 2017
level 1 (unverified): 0.5 BTC
level 2: 1.5 BTC
The check may require up to 24 hours.
Additionally, BitGrail recently announced it was suspending support for non-EU users due to KYC-related legal reasons. This led to concerns from some customers that the change in policy was part of an exit scam, something Firano denies. He also claims the Nano devs don’t want to collaborate on investigating the recent incident.
NANO on BitGrail have been stolen.— Francesco The Bomber (@bomberfrancy) February 9, 2018
Unfortunately there is no way to give it back to you at 100% (we only got 4 MLN XRN right now).
The devs, as you have guessed, dont want to collaborate
In a Medium post, the Nano team responded with: "From our own preliminary investigation, no double spending was detected on the ledger and we have no reason to believe the loss was due to an issue in the Nano protocol. The problems appear to be related to BitGrail’s software.”
“We now have sufficient reason to believe that Firano has been misleading the Nano Core Team and the community regarding the solvency of the BitGrail exchange for a significant period of time,” it added.
Unlike the recent $500 million hack on Japanese exchange Coincheck, Firano said there’s no way to 100 percent reimburse affected users. Following news of the theft, Nano’s price dropped from around $11 to just over $9.