2018 has been off to a rocky start when it comes to cryptocurrency exchanges and their security. In January, Japanese-based exchange Coincheck lost over $400 million in XEM in a major hack. This past week, Binance users were on edge due to a potential hack that thankfully turned out to be a server issue. Now, Italian-based exchange, known as one of the few exchanges to first offer Nano - formerly known as Raiblocks (XRB) - has been hacked.
In a statement made from Bitgrail, it claims “Internal checks revealed unauthorized transactions which led to a 17 million Nano shortfall, an amount forming part of the wallet managed by Bitgrail”. With Nano hovering at roughly $10 each, that brings the total dollar value of the hack close to $170 million.
Bitgrail’s statement continued: “Today a charge about those fraudulent activities has been submitted to the competent authorities and now is under police investigation”.
Making matters worse, Bitgrail’s CEO Francesco Firano, aka The Bomber, has been attempting to put the blame on the Nano development team, after they refused to “modify the ledger in order to cover his losses”. Firano is now threatening to press charges against the Nano dev team due to “irresponsible behavior.”
The Nano team is not entirely sure this is a hack, and might be the result of Bitgrail mismanaging or even laundering funds, citing “we now have sufficient reason to believe that Firano has been misleading the Nano Core Team and the community regarding the solvency of the BitGrail exchange for a significant period of time.”
Nano devs have not provided further evidence of this claim at the time of writing.
While the news is certainly depressing for those affected, there were red flags for weeks leading up to the hack. In early January, transactions had been frozen on and off, pending sudden verification requirements. Prior to this, Bitgrail had furiously blamed the Nano devs for a node failure, and was notorious for arguing with and inviting Reddit and Twitter users to meet him for a physical altercation.
All cryptocurrency investors should use this and other hacks as a lesson learned even if they were not directly affected. The bottom line is that it is a risk any time you keep your crypto assets on an exchange. Unless you own the private keys, your assets are at the mercy of the exchange, its management, the hacker community, and a lot of luck.