Verge – XVG – Being Stolen Reportedly
Reports have recently surfaced that privacy-oriented Verge (XVG) might be getting hacked. What we know so far is that there are certain bugs in the code which are reportedly pumping out $1,000 in XVG per minute. Notably, this bug appears to have similarities with the one found just last month, which was referred to as “Time Malleability”. It involved hackers manipulating the transaction timestamps that are recorded during crypto mining.
The miners exploiting last month’s vulnerability were able to use a made-up timestamp, which happened to show a time that was an hour before the real time. This “fooled” the XVG protocol by making it believe that the last block mined using that algorithm occurred an hour before than it actually did. So, in the block that followed that had the present time, the XVG protocol was tricked into adding the fictitious block onto the mainchain as well.
Thus, new coins were being minted literally “out of thin air”, just by manipulating the timestamps associated with the blocks. And, even though Verge’s developers reportedly removed the vulnerability, there was this posted on BitcoinTalk.org:
Perhaps the most troubling part of all this is that the bug does not appear to have been fixed, as the same issue is happening even now. A Redditor commented:
“Earliest block I found as a starting point is 2,155,913. https://prohashing.com/explorer/Verge/ still shows the current growth of the blockchain at around 25 blocks per minute resulting in 18250XVG or 950$ per minute for the attacker. Currently sitting at around 650.000$ worth of XVG.”
Notably, the official blockexplorer reported later a MUCH higher block height. Based on the Redditor’s calculations, approximately 50,000 blocks could have been mined, netting them a staggering $1.9 million. Moreover, commenting on the end of the attack, it was estimated that 35 million XVG had been generated within a matter of hours. Also, there does not yet appear to be a fix for this disaster.
Just When Things Were Beginning To Look Up
If you follow crypto-related news regularly, then you’d know that Pornhub had agreed to support XVG payments. Also, a number of other merchants had begun to offer support for the privacy-centered crypto. But now it seems that we’re left with some big question marks.
The most important question is whether Verge platform’s code is actually secure? Could this incident impact the coin’s price – short-term or long-term?Will this be mixed with a pump and dump scheme? Are the developer of Verge even seriously addressing this issue…or much worse, are they a part of this?