Cryptocurrency networks seem to be on the target of some organized criminals these days. It was only two days ago when I reported that Japanese cryptocurrency Monacoin suffered from a selfish mining attack recently, and yesterday there was the news of Verge suffering from a DDoS attack. However, the worst doesn’t seem to be over yet, as now news has broken about a 3rd major altcoin that suffered from double spending attack. This brings the number of coins suffering from cyberattacks within this week to 3.
The altcoin we’re talking about is Bitcoin Gold. With a market cap of $795 million as of now it’s 24th largest cryptocurrency in the world. However, that sort of scale didn’t stop hackers from taking over 51% of its network for a double-spending attack. Let me tell you what happened in detail.
What’s a double spending attack?
Suppose you give someone 100 INR. He puts the the note in his wallet and goes his way. You follow him, pick his pocket and walk away with the 100 INR note. Then you use that 100 INR note somewhere else. That’s called double spending – and in this entire scheme the loser is that first person who took the 100 INR from you.
In world of cryptocurrencies replicating this scenario is difficult because records of all transactions are kept on blockchain, from where altering them is extremely difficult. However, if someone has control of more than half of the nodes in a blockchain, he can successfully turn the table in his favor to do a double spending attack!
What will happen in that case is that attacker will first of all take control of more than 50% blockchain hashrate (a situation known as 51% attack) and then alter the blockchain as he wants to. He can reverse some of the transactions to steal the coins otherwise transferred to someone so he can use them somewhere else.
What happened with Bitcoin Gold?
Coming back to this Bitcoin Gold case, what happened was that hacker(s) first of all took over more than 50% of Bitcoin Gold hashrate so he can alter the records of blockchain. Then he sent some Bitcoin Gold (BTG) tokens to wallets of a few exchanges, but withdrew them quickly to his wallet. Once the tokens were back to his wallet, he reversed the initial deposit transactions to exchanges by altering the records of blockchain. In a nutshell, he effectively never sent anything to those exchanges since the deposit transactions were reversed, but the exchanges ended up sending him Bitcoins from their kitty because they didn’t have the control over blockchain hashrate to reverse their transactions.
It has been revealed that a Bitcoin Gold address involved in attack received as much as 388,200 BTG since May 16. If all of that came from this attack, the attacker has reportedly duped the exchanges to a tune of $18.6 millio based on today’s valuations.