Cyber Incident Victim: BitGrail

In February 2018, the Florence Compartment initiated an investigation into BitGrail, a cryptocurrency exchange platform, following a complaint filed by its former managing director, referred to as FF. FF reported the theft of approximately €120 million worth of Nano cryptocurrency (formerly RaiBlocks – XRP) from the exchange. The theft occurred in January 2018 when attackers exploited a bug in the Nano protocol, enabling unauthorized transactions. Italian law enforcement, including financiers attached to the Florentine Public Prosecutor’s Office, collaborated on the case. Investigators determined that FF, a 34-year-old Italian national, had failed to address the protocol vulnerability despite awareness of its existence. The judge overseeing the preliminary investigation, Dr. Gianluca Mancuso, alleged that FF’s inaction facilitated the theft and that he subsequently profited from the incident. FF faced accusations of IT fraud, fraudulent bankruptcy, and self-laundering related to the loss of funds.

On December 24, 2020, the court imposed a precautionary measure prohibiting FF from conducting business activities or holding executive roles in companies. The ruling emphasized FF’s alleged collaboration with the unidentified hackers by intentionally neglecting to patch the bug. No arrests of the hackers responsible for the theft had been made as of the article’s publication. The financial impact of the incident amounted to the loss of 120 million euros in Nano cryptocurrency, affecting BitGrail’s users and operations. The case remained under judicial review, with FF subject to ongoing legal restrictions while authorities continued efforts to identify the perpetrators.