BitGrail, a leading Italian cryptocurrency exchange, lost almost 17 million Nano cryptocurrency to unauthorised transactions, thereby suffering losses of up to $170 million in real money.
Both BitGrail and the Nano team have reported the incident to authorities and are trying to uncover individuuals who performed such unauthorised transactions.
BitGrail is now unable to refund all its customers as it is left with only 4 million Nano cryptocurrency, earning the wrath of customers who are now planning to file a class action lawsuit against the exchange. At the same time, the exchange has been accused by the Nano Core team for misleading it regarding the solvency of the exchange.
In a letter to customers, BitGrail confirmed that all cryptocurrency coins, with the exception of NANO (of which about 20% remain), were safe. Terming the loss of Nano coins as 'theft', the exchange added that it filed a complaint with the authorities and reported all information regarding the hacks and the exploited bugs.
The large-scale theft of Nano cryptocurrency worth hundreds of millions is another example of how cyber criminals are targeting cryptocurrency exchanges across the world to gain access to more coins whose values have been increasing in the recent past.
Back in December, popular South Korean cryptocurrency exchange Youbit was forced to declare bankruptcy after a major cyber-attack on its servers wiped out 17% of its overall assets. This was the second major cyber-attack suffered by the firm in less than ten months.
A week ago, cryptocurrency marketplace NiceHash's payment servers were compromised, resulting in the loss of Bitcoin wallet value worth millions of dollars. According to CoinDesk, hackers stole as many as 4,736.42 Bitcoin from NiceHash customer wallets which were equivalent to more than $62 million at current rates.
A cyber-attack on Bithumb, South Korea's largest etherium cryptocurrency exchange, in July also resulted in a loss of over $1 million in digital coins. The hackers also compromised details of 30,000 customers and proceeded to dry up customers' Bithumb accounts using stolen passwords.
'No matter how secure a currency is, if the web application, mobile application, server or network the currency operates on is vulnerable, the contents are at risk. Secondly, there needs to be a greater focus on preventing social engineering attacks - protecting against website clones and educating users to avoid malicious websites and apps as quick as possible.
'If cybersecurity continues to be a second thought, we will continue to see sustained attacks that damage the reputation of virtual currencies as a whole, and ultimately results innocent users losing their money to criminal,' said Leigh-Anne Galloway, Cyber Resilience Lead at Positive.com.