Italy’s largest cyberfinancial attack: 230,000 victims

He was running a cryptocurrency exchange platform, but pretended not to know that hackers were stealing from its users by exploiting a known security bug: a Florentine man reported.

The Postal Police of Florence and the Financial Cybercrime Section of the Central Service of the Postal Police in Rome, in collaboration with the American FBI, have uncovered a huge wire fraud to the detriment of more than 230 thousand people worldwide, pulled off by a 34-year-old Florentine sole administrator of a cryptocurrency exchange platform.

The man is accused of computer fraud, fraudulent bankruptcy, self laundering and, above all, of having made 11,500,000 Nano XRB disappear into thin air. At the current exchange rate of this cryptocurrency, this is a 120 million euro hole. It was therefore an extremely complex police operation, unprecedented in Italy and, probably, in Europe given the amounts at stake. According to the investigators at the base of everything there would be a security flaw in the transfer protocol of Nano cryptocurrency, cleverly exploited by the owner of the exchange platform to make users' money disappear.

120 million disappeared into thin air

According to the Postal Police's reconstruction, the suspect was absolutely aware of the security bug in the Nano protocol and, as the owner of a cryptocurrency exchange platform, he should have implemented security patches to close the flaw.

Patches that had been made available by Nano's software developers, but purposely ignored in order to allow complacent hackers to steal virtual money from the wallets of the Italian company's users. The bulk of these illicit movements occurred at the turn of 2017 and 2018.

The Postal Police explains: "In keeping the platform open, despite having detected the illicit withdrawals of Nano Moneta, and not informing the Nano Team, the community and the users of the verified shortfalls, at least of the withdrawals of large amounts that occurred in July and October 2017, F.F. continued to attract new users, passed in the space of a few months from 70.000 to about 217,000".

Bitcoin supplier

The Florentine at the center of this story was already known to the Postal Police: having large amounts of cryptocurrencies at his disposal, in fact, he was one of the largest Italian suppliers of Bitcoin to companies affected by ransomware.

That is, those viruses that first encrypt data, in fact blocking them, and then ask for a ransom in Bitcoin to companies to provide the key to decrypt them. The man to turn to in order to get Bitcoins in Italy was apparently the same person who turned a blind eye as cybercriminals snatched Nano XRB from users of its cryptocurrency exchange platform.