The BitGrail 17m NANO ‘hack’ – what really happened?

BitGrail, a cryptocurrency exchange, announced insolvency on February 9 after reporting a 17m NANO ‘hack’ worth $200m at the time.

The NANO team have since separated themselves from ‘The Bomber’ Firano, the owner of BitGrail, issuing a separate statement blaming BitGrail for the loss of funds.

Firano has responded tweeting that the claim is libellous blaming “unauthorized transactions” in its official statement and has the view that NANO should hard fork to replace the lost coins.

Below, I examine the recent developments including analysis of a conversation between Firano and the NANO team.

7HDiZTeq_400x400
Firano’s display picture on twitter

 

 

NANO – Firano conversation:

On Thursday February 8, Firano started a group conversation with several of the NANO team. He alleged that he discovered a 15m NANO hack that morning. He focused on trying to convince the team to do a ‘hard fork’ making up for the lost coins which they swiftly declined. The team then tried to pin down and understand the ‘hack’ before deciding not to make a joint statement.

He started the group conversation asking for Colin because he has the ability to fork the chain which was Firano’s aim. When Colin tried to get a specification on the range of the issue, he responded: “yes colin we can have the last stored info to get the renge [sic]. anyway, what can we do to avoid the worst?” Once Firano understood how to do it, he acknowledged it but then diverted to trying to find a fix. This showed that he is not concerned with allowing the team to fully analyse the problem, hoping they would blindly ‘fix’ it.

Furthermore, there has been speculation as to what point Firano found out about the ‘hack’. Jack Shapiro asked: “If withdrawals have been closed for the last month, how did you not notice this?” Firano only response is about the uncertainty of the date of the attack although earlier Jack had noted “It looks like it’s been going on for months.” A tweet on January 28 shows that BitGrail suspended deposits and withdrawals “for internal system optimization”. However the inability for NANO owners to withdraw their funds up to the insolvency of the exchange has led to speculation that Firano knew of the problem.

Understanding the Issue:

The creator of NANEX argued that “The RPC API was being used improperly.” He pointed out that there are two options for an exchange, one of which has checks to stop ‘double withdrawal’ and one that doesn’t. He noted that KuCoin made the same mistake but quickly remedied it and reimbursed their users. However this begs the questions why did NANO not check other exchanges once it discovered that KuCoin had made this mistake? Furthermore, was their documentation not clear enough in the first place?

NANO statements:

NANO official statement: “From our own preliminary investigation, no double spending was detected on the ledger and we have no reason to believe the loss was due to an issue in the Nano protocol. The problems appear to be related to BitGrail’s software.”

“We now have sufficient reason to believe that Firano has been misleading the Nano Core Team and the community regarding the solvency of the BitGrail exchange for a significant period of time.”

Firano’s response:

Firano February 11 Twitter: “After your libelous announcement against me yet false and misleading for the investigations, since you decided to share sensitive info without my acknowledgement, i invite you not to contact us anymore.”

Next steps:

NANO issued a statement which implies that legal proceedings are already in order: “Our team promptly contacted law enforcement and we are fully cooperating with law enforcement on this matter.” It is possible that Firano may face criminal charges if there is evidence to show that he committed fraud or theft. In the meantime, a reddit user, ‘TickleMeSmallz’, has since suggested setting up a fund to distribute to those who lost NANO from Bitgrail. This is unlikely to go ahead as many are waiting to see what happens regarding legal action.

 

The conversation between NANO and Firano can be seen here: https://www.dropbox.com/s/3g38y67luolfvqs/Colin_ZS_Bitgrail_chat_log.pdf?dl=0

Article written by Tim Copeland

 

[Disclaimer: I own various cryptocurrencies that may include the topic of the article. My main holdings are in XRP, NANO, ADX, DGB, NAS.]

To get Bitcoin or Ethereum, sign up to Coinbase.

To exchange for Ripple (XRP), NEO (NEO) or Litecoin (LTC), sign up to Binance.

If this post has informed you or helped in any way, feel free to donate ETH to 0x8c854F441248936BD12EB32373bb16Aa99129483

One thought on “The BitGrail 17m NANO ‘hack’ – what really happened?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s