Story image

Cryptocurrency exchange says it lost $195m to hackers – but is it a scam?

13 Feb 2018

Have you heard of BitGrail? The Italian cryptocurrency exchange wasn’t known to many until last week.

The company claims that it was hacked late last week in an attack that saw US$195 million worth of customers’ cryptocurrency stolen. However, there is emphasis on the word ‘claims’, as there are many (including the developers of the stolen currency) who believe it’s all a scam.

BitGrail is one of many exchanges around the world that facilitates the trading of Bitcoin and other cryptocurrencies and until recently was one of the main portals for the trading of Nano – formerly known as RaiBlocks.

Dubious moves by the exchange in recent months have driven the growing scepticism surrounding BitGrail founder Francesco Firano’s announcement that 17 million Nano tokens had been stolen, amounting to roughly $195 million.

In January BitGrail put a stop to all withdrawals and deposits of Nano, Lisk and CryptoForecast tokens. This company then announced it would begin enforcing identity verification and anti-money laundering protocols for its users with the potential to block non-European users – this is despite the company not ever dealing with government currencies or banks.

And then finally, Firano seemingly asked the developers of the Nano currency to alter their records to restore the funds supposedly stolen from the exchange.

In the wake of all this drama, the price of Nano dropped 20 percent and the Nano team shared a copy of their communication with Firano publicly rejecting his bizarre request, alleging “we now have sufficient reason to believe that Firano has been misleading the Nano Core Team and the community regarding the solvency of the BitGrail exchange for a significant period of time.”

Essentially, Nano’s developers believe Firano has made a hash of customer assets and is now claiming a hack as cover for his actions.

Despite all this, Firano asserts he has reported the hack to the police, which is now being investigated.

High-Tech Bridge CEO Ilia Kolochenko says it is difficult to forecast how many more similar incidents will happen in 2018, but undoubtedly a lot.

“Some people still naively believe that crypto-currencies are their chance for a wealthy life, and they blindly spend their last savings on unstable digital coins via opaque online platforms. Obviously, it’s a windfall for unscrupulous “entrepreneurs” who won’t shun the low-hanging fruit,” says Kolochenko.

“Law enforcement agencies are already busy enough with major data breaches of large retailers and banks, and simply cannot allocate sufficient resources to prevent, investigate and prosecute fraud in the grey area of unregulated crypto-currencies.”

However, Kolochenko says he will not point the finger at anyone prior to a rigorous technical investigation.

“Many blockchain startups simply neglect and carelessly disregard the fundamentals of cybersecurity,” says Kolochenko.

“Their negligence cannot help to attract cyber gangs who can steal their crown jewels with almost absolute impunity. Money laundering with digital coins is also pretty simple. I think, 2018 will mark more notorious cases of similar incidents.”

The attack surface: 2019's biggest security threat
As businesses expand, so does their attack surface – and that may be the biggest cybersecurity risk of them all, according to Aon’s 2019 Cyber Security Risk Report.
Opinion: Cybersecurity as a service answer to urgent change
Alan Calder believes a CSaaS model can enable a company to build a cyber resilience strategy in a coherent and consistent manner.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.