Logo Distributed Networks Institute

Verge suffers a 51% attack in April 2018

Summary

Verge blockchain fell victim to a hybrid attack, which combined a mining algorithm exploit with a 51% attack. Attackers exploited vulnerabilities in Verge’s mining algorithm and a bug in the retargeting mechanism, allowing them to mine blocks rapidly and accumulate approximately 250,000 XVG coins, worth $1.75 million. The attack began on April 4, 2018, and despite the Verge development team’s attempts to release patches, the issue persisted until April 9, 2018, when a second patch finally resolved the problem. The security failure was caused by a vulnerable mining algorithm, a bug in the retargeting mechanism, and insufficient testing of patches.

Attackers

The identity of the attackers behind the Verge 51% attack remains unknown. It is speculated that the attackers were sophisticated and well-versed in exploiting the vulnerabilities in Verge’s mining algorithm. By utilizing multiple mining algorithms and taking advantage of a bug in the retargeting mechanism, the attackers were able to mine blocks at a rapid pace. This demonstrated a high level of knowledge and understanding of the Verge network’s security weaknesses and mining landscape.

Losses

During the Verge 51% attack, it was estimated that around 250,000 XVG coins were mined by the attackers, worth approximately $1.75 million at the time of the attack.

Timeline

  • April 4, 2018: A Verge user on Bitcointalk forum reports a possible attack on the Verge network, noting a high mining hash rate (1,560 XVG per second) and rapidly mined blocks.
  • April 5, 2018: The Verge development team confirms the attack and works on implementing a fix for the exploited bug in the mining algorithm. Following the news and the sudden influx of newly minted coins, the price of Verge falls over 7%.
  • April 6, 2018: The Verge team releases a patch to address the exploited vulnerability. However, the patch unintentionally introduces another bug that allows the attackers to continue mining blocks rapidly.
  • April 9, 2018: The Verge team releases a second patch to resolve the issues with the mining algorithm and retargeting mechanism. The attack ends, and the Verge network returns to normal operation.

Security Failure Causes

  • Vulnerable mining algorithm: Verge’s multi-algorithm mining approach, designed to increase network security, was exploited by the attackers, allowing them to mine blocks at a rapid pace.
  • Bug in the retargeting mechanism: The Verge network had a bug in its difficulty retargeting mechanism that allowed the attackers to manipulate the mining difficulty and mine blocks quickly.
  • Insufficient testing of patches: The initial patch released by the Verge team to address the exploited vulnerability was not thoroughly tested, leading to the introduction of another bug that prolonged the attack.