There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.
What the. Actual. Fuck. That would be bad enough in traditional finance or actually
any online application that handles money. But in crypto such a bug becomes fatal.
Not just that.
Bitgrail Shitgrail had 2 more bugs:
1) You were able to withdraw twice the amount when following this procedure:
- Request withdrawals
- Wait for email confirmation; Don't confirm.
- Request a second withdrawal (same amount)
- Wait for email confirmation; Click on the link and confirm
- Success. You just received 2 withdrawals
2) You were able to withdraw an amount you didn't have as balance:
- Request a withdrawal
- Realize the check for the maximum amount happens client-side instead of server-side
- Manipulate the javascript (yes, javascript.. WTF)
- Profit. You just withdrew a way bigger amount, leaving your balance on
Bitgrail Shitgrail at a negative amount
Those bugs don't happen by accident.
Such bugs appear when the coder has zero (really: ZERO) knowledge.
But its not like hes only unable to code properly, no.
Francesco - Shitesco - Firano claimed 17 million nano got 'hacked' and 'stolen' from his cold wallet.
To sum it up: Shitgrails owner is not just a bad coder, he seems to have zero knowledge on how to perform an exit scam properly.
The FBI already has been informed and investigations are starting. He will get what he deserves.