Home / Headlines / Questions Mount Over $170 Million BitGrail ‘Hack’
3 min read

Questions Mount Over $170 Million BitGrail ‘Hack’

Last Updated October 5, 2020 3:47 PM
Josiah Wilmoth
Last Updated October 5, 2020 3:47 PM

Questions continue to mount over $170 million worth of Nano (XRB) tokens that have gone missing from little-known cryptocurrency exchange BitGrail.

As reported by CCN.com sister site Hacked , there is growing suspicion among Nano (formerly Raiblocks) community members that BitGrail, which is based out of Florence, Italy, was insolvent long before the alleged hack and hid the situation from traders and Nano Core developers for months.

BitGrail operator Francesco “The Bomber” Firano first announced on Feb. 9 that unauthorized transactions had resulted in the theft of 17 million XRB, leaving the exchange — which was once one of the highest-volume XRB trading platforms — with just 4 million XRB on hand.

Firano fingered the Nano Core developers as the responsible party, arguing that a protocol bug had allowed a hacker to steal the funds from BitGrail’s wallet. He has said that Nano should fork its protocol to recover the lost funds, a proposal that developers have vehemently resisted.

Meanwhile, Nano’s developers — who appear  to have once had a close working relationship with Firano — allege that the exchange was insolvent long before February.

“We now have sufficient reason to believe that Firano has been misleading the Nano Core Team and the community regarding the solvency of the BitGrail exchange for a significant period of time,” Nano said in a blog post  addressing the theft.

In fact, they later claimed in an official Nano update  that at least one of these transactions actually occurred on Oct. 23, 2017. The developers deduced this information from a BitGrail data dump, as the Nano protocol does not have timestamps. They added that many of these funds made their way back to BitGrail and another exchange, indicating that the thief had likely already laundered the tokens and withdrawn the proceeds.

Additionally, the theft raised new questions about a policy change BitGrail had implemented in December, which required traders to undergo KYC verification before they could make sizable withdrawals. The exchange processed verification requests extremely slowly, with some users claiming to have been waiting in line for more than a month.

Finally, BitGrail stopped processing XRB withdrawals altogether on Jan. 8, citing internal maintenance. Four days later, the exchange updated its KYC policy to apply to withdrawals of any size.

These events, Nano’s developers noted, occurred at the same time as XRB was beginning to gain support on other exchanges, including KuCoin. The admission of insolvency, meanwhile, was made a week after exchange giants Binance and OKEx added XRB trading pairs.

This, understandably, has raised suspicions that users were attempting to withdraw tokens from BitGrail to trade on other exchanges, leaving the platform with no choice but to suspend withdrawals to hide its insolvency — which, of course, can only be done for so long.

Despite these revelations, Firano and BitGrail continue to maintain their innocence, vowing  that the exchange will re-open soon.

Community members, meanwhile, have been reminded of a quotation, roughly translated from Italian, that was once featured on Firano’s Twitter profile:

“You either die a programmer, or you live long enough to become a scammer.”

Featured image from Shutterstock.