Verge cryptocurrency hack shows, no, blockchain isn't invincible

in #bitcoin6 years ago

https_%2F%2Fblueprint-api-production.s3.amazonaws.com%2Fuploads%2Fcard%2Fimage%2F747642%2Fdf190ec4-a3fb-4a28-b02e-32c15d8910b7.jpg
Privacy-oriented cryptocurrency Verge (symbol: XVG) was apparently hacked Wednesday, with the attacker making off with around 250,000 coins with a value of roughly $15,000 (though some reports go as high as $1 million).

Compared to some recent crypto-related hacks, this attack was particularly nasty as it compromised the integrity of Verge's blockchain.

SEE ALSO: Cryptocurrency exchange puts $250,000 bounty on hackers

The attack was discovered by ocminer, a poster on Bitcointalk forums (via Bitcoin.com), on Wednesday afternoon. According to him, a hacker used "several bugs" in Verge's code to mine an extraordinarily large number of new blocks in Verge's blockchain, thus rewarding himself with a lot of Verge coins.

Ocminer and several media outlets called this a "51% attack," which is frightening as this type of attack is theoretically possible on other blockchains which rely on a proof-of-work (PoW) validation mechanism, including Bitcoin and Ethereum.

But even though this attacker technically managed to capture the majority of mining power on Verge's network, this type of attack wouldn't work on Bitcoin.

In plain terms: In PoW-based cryptocurrency systems, miners are people who use computing power to validate the transactions on the network and are awarded in new coins. These systems are typically quite robust, but if any one miner (or mining pool) should capture the majority (hence the 51%) of the network's mining power, then they can do all sorts of bad things on the network, including spending coins that were already spent (this is called doublespending).

In Verge's particular case, it's a little more nuanced. Verge uses five different cryptographic algorithms for mining, switching to a new one for every block, but the attacker figured out a way to fake timestamps of his blocks and mined them all with one algorithm. In this way, he was able to capture the majority of the network's mining power with far less computing power than he'd normally need.

Nevertheless, the attack is serious as it requires a hard fork (cryptocurrency lingo for a very big upgrade that leaves the old blockchain behind and requires all participants to switch to new software) to exclude the blocks the attacker had mined.

Verge's official Twitter account tried to downplay the severity of the attack by calling it a "small hash attack" that's been "cleared up now."

#crpto #btk #follow
6 years ago in #bitcoin by
$0.00
    2 votes
    Reply 1

    Coin Marketplace

    STEEM 0.28
    TRX 0.12
    JST 0.033
    BTC 70434.55
    ETH 3761.18
    USDT 1.00
    SBD 3.84