Verge Falls Victim to 51% Attack, Again
For the second time in as many months, the popular privacy coin Verge has fallen victim to a 51% attack on its network, with attackers netting 35 million XVG, worth around $1.75million at the time of the attack.
Even more concerning, the method of attack seems to be nearly identical to the attack that occurred in early April, another $1million+ heist that called into question the ability of the Verge development team to handle security issues in their system.
According to BitcoinTalk member ‘ocminer,’ the attack takes advantage of a feature of the Verge mining protocol that was supposedly fixed by the development team following the first attack.
The Verge system makes use of 5 different mining algorithms, forcing miners to alternate between the various methods in an attempt to maintain security. Both the most recent attack and the early April attack involved one or more of these mining algorithms being hacked by the attackers to mine blocks extra fast and a bug in the Verge system allowing attackers to attach invalid timestamps to blocks, effectively tricking the network into accepting the unnaturally fast blocks as valid and rejecting all other legitimately mined blocks.
The Verge team has yet to address the vulnerability or the most recent attack, taking to Twitter only to mention the possibility of a DDoS attack on some mining servers and that the team is working on network issues.
This latest attack comes on the tail of Verge’s largest partnership to date, an integration by porn giant Pornhub to accept the currency for membership fees on their website. Whether this and other partnerships will survive another round of questions about the security of the Verge network and the ability of the team to fix issues remains to be seen.
Source: Coin Central