Verge gets hacked by accelerated mining, hacker steals around 250000 Verge
Verge, a privacy based cryptocurrency, in the top 20 of Coinmarketcap.com has succumbed to a 51% attack.
According to a Bitcointalk post by “ocminer”, a bug in the code enabled a malicious miner to take over 51% of the mining hashrate and then began mining blocks at a rate of one second for a period of 3 hours. Usually for mining a block in the Verge blockchain, each block must be mined by a different algorithm. This prevents a particular pool from gaining majority hashrate. Here, the attacker spoofed timestamps and was able to use the same algorithm to mine blocks quickly. But the attacker surprisingly stopped the attack themselves after 3 hours.
As per ocminer, He estimated the coins stolen to be in the range of 20 million XVG.
But the attack may not end there.
The attacker through a BitcoinTalk post called out the incompetency of the Verge team:
“Hey Verge Team, get some real developers and fix your code.
We have found another 2 exploits which can make quick hashes as well.”
The developers had initially labelled it as a small hash attack.
We had a small hash attack that lasted about 3 hours earlier this morning, it's been cleared up now. We will be implementing even more redundancy checks for things of this nature in the future! $XVG #vergefam
— vergecurrency (@vergecurrency) April 4, 2018
But the community was unconvinced with the answer as seen here by a Reddit member “variable42”,
Looks like the devs finally tweeted about it.
Given that tweets don’t allow people to expand enough on their thoughts, I’ll attempt to provide an in-depth translation. If I’ve gotten anything wrong please let me know.
We had a small hash attack that lasted about 3 hours earlier this morning,
Translation: An attacker created 10,000+ empty blocks at a rate of one per second over 3 hours. Over $1 million USD was stolen and will likely be dumped onto the market.
it’s been cleared up now.
Translation: Due to no effort on our part, the attacker seems to have stopped. We later implemented a “fix,” but it likely doesn’t work as intended as we’re not sure how to calculate the number of seconds equivalent to 15 minutes. https://github.com/vergecurrency/VERGE/commit/7294e062a61f78ffb05689b562f90985463d1179
We will be implementing even more redundancy checks for things of this nature in the future!
Translation: Due to our own incompetency, we never implemented a very basic check in the code. But we’ll spin the situation to make it seem like this is a positive thing for the network.
Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity
Did you like the news you just read? Please leave a feedback to help us serve you better
Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.
Leave a Reply