17 million Nano has been stolen from the relatively small crypto exchange Bitgrail, in the most significant hack since $500m of NEM was stolen from Coincheck a couple of weeks ago. At the current market rate, this puts the value of the Nano hack at around $154 million. In response to the events, the Nano Core team have released the following official statement:
On February 8th, 2018, the Nano Core team was informed by Francesco “The Bomber” Firano — owner and operator of the BitGrail exchange — of a loss from the BitGrail wallet. Our team promptly contacted law enforcement and we are fully cooperating with law enforcement on this matter.
From our own preliminary investigation, no double spending was detected on the ledger and we have no reason to believe the loss was due to an issue in the Nano protocol. The problems appear to be related to BitGrail’s software.
We had no knowledge of BitGrail’s insolvency prior to February 8th.
In our conversation yesterday (which you can find attached here, this link has been edited to redact a private email.), Firano informed us of missing funds from BitGrail’s wallet. An option suggested by Firano was to modify the ledger in order to cover his losses — which is not possible, nor is it a direction we would ever pursue.
BitGrail is an independent business and Nano is not responsible for the way Firano or BitGrail conduct their business. We have no visibility into the BitGrail organization, nor do we have control over how they operate.
We now have sufficient reason to believe that Firano has been misleading the Nano Core Team and the community regarding the solvency of the BitGrail exchange for a significant period of time.
We will not be responding to individual posts or accusations by Firano regarding this situation. We are preparing all information we have on the matter such as blockchain entries, screenshots, and chat logs and presenting them to law enforcement.
Please refer to our Twitter account @nanocurrency for future links to official statements.
The Nano Core Team
Whilst it is good to see a fast response from the team, as well as assurance that the underlying protocol remains intact, Nano claiming they are not responsible for the way Bitgrail operates their business has drawn significant criticism from the community. This is because the Nano team actively sought to get XRB listed on Bitgrail and were even linking to the exchange from their homepage, so it is their responsibility to also ensure the exchanges they choose are reputable and solvent.
Several members of the community have also began carrying out their own investigations to attempt to uncover when and how the hack occurred. One user believes they may have found a pattern whereby the hacker/s used shell or flow-through accounts to disguise moving of funds to Mercatox and Kucoin. Hopefully the Nano team and the authorities can continue down this route to try and recover the funds. Another member of the community has also uncovered that the hack occurred several months ago, with the Bitgrail owner misleading Nano and its users in order to try and recover lost funds.
Moving forward, the Nano team have to make some difficult decisions. If the funds cannot be traced and recovered, then they will have to find a solution that does not cause XRB to lose community support. This could involve one or more of the following:
- Fork the blockchain and return lost funds to the users. This is a very difficult decision to make as it has ethical and moral implications that could cause loss of community support, but equally so could not returning users funds and allowing 12% of total supply to be lost.
- Use the development fund to compensate users. Again, not an ideal situation but may be necessary to stop a mass sell off.
- Sue Bitgrail. Nano could potentially sue Bitgrail and liquidate all their assets, using any funds generated to compensate users. This is probably the best option.
We will be sure to keep readers updated with any developments, so return here for news. The lesson learned here is one that is reiterated often, but unfortunately ignored. Never leave your crypto on exchanges and invest in a hard wallet!