The privacy-centered Verge Currency (XVG) altcoin has somewhat abruptly initiated a hard fork. This move comes following a so-called ”51% attack” on the currency, made possible by a bug in the coin’s code which allowed attackers to spoof timestamps. The Verge team subsequently tried to calm the public and investors by reaffirming that the problem had been taken care of, but not before the hackers made away with at least 250,000 XVG.
A 51% attack is when a single attacker comes to control a majority of the relevant altcoin’s hash rate. However, the main obstacle that makes it so hard to achieve this is that it requires immense amounts of electricity to control the better part of a coin’s hash rate. Nonetheless, it would seem someone is quite able to power such attacks, as the Proof of Work coin Electroneum was struck by a 51% attack mere days before the Verge attack. Since 51% attacks should, in theory, be nearly impossible to perform, it is believed that the same entity is responsible for both the Verge and Electroneum attack. According to a post on Bitcointalk, the hacker executing the 51% attack managed to exploit a bug in Verge’s code that related to retargeting.
The attempted fix from Verge’s side of things was quickly pushed out to a majority of the pools following the attack. However, this fix only led to more problems, as some forum member realized that the quick fix had accidentally implemented a hard fork. Once Verge had been informed regarding the situation and the potential problems it entailed, such as not having a valid blockchain snapshot anymore, problems synchronizing wallets and general problems with the Verge blockchain, the company pulled the fix and refocused on ”doing a full fork update with extra block verifications”.
Verge made significant efforts to downplay the event, claiming that they experienced ”a small has attack that lasted about 3 hours”. Even though this could strictly speaking be argued, Verge has ceded that at least 250,000 Verge coins were stolen in the attack. Furthermore, some are objecting to this figure and claim that up to 3.9 million coins may have been affected by the hack. This comes as Verge has more than doubled in the last weeks, in preparation for what Verge has called a ”big announcement” set to be made public on April 16th. One can hope that this hack was merely a case of bad luck for Verge if the service is set to garner more followers in the coming months, and not symptomatic of any deeply rooted problems with its security.
Image Source: “Pixabay”