Privacy-focused cryptocurrency Verge (XVG) has been the victim of another hack, in which 35 mln (XVG) were stolen over a period of a few hours on May 22, 2018. Verge (XVG) tweeted that their mining pools were under a DDOS attack on May 21, noting that they were working to resolve it.
Hackers exploited a flaw in the technology of Verge using the same algorithm to mine multiple blocks one second apart. The hackers exploited a bug residing in the code of Verge that lets malicious miners place timestamps that are false on the blocks before rapidly undertaking the mining process. Five mining algorithms are used by the protocol of Verge in rotation and the attackers managed to gain control of the mining algorithms.
More concerning is the fact that there is nothing that has been done to prevent a recurrence of such an attack. Last month hackers employed the same tactic during which more than quarter of a million Verge coins disappeared. This forced the virtual currency to prepare a hard fork.
According to a Reddit user who was the first to raise the alarm, the problem with the second attack is that the flaw that made the first attack possible was not properly addressed and this is what the attackers exploited. At the time the developers of Verge downplayed the flaw in the code. When a hard fork was activated the developers were criticized for using a ‘band-aid’ instead of an adequate solution.
Part of the reason why Verge fits in well with adult products and content such as performance enhancers and porn is the fact that it is a privacy coin which makes it impossible to track payments.
Comments (No)