Verge’s Recent “Miner Attack” Proves the Project’s Code Is Far From Secure

There are a lot of conflicting opinions on the Verge cryptocurrency as of right now. This is not a big surprise, as the project has always been considered to be rather controversial. The network’s most recent “accidental fork” goes to show there is still a lot of work to be done before this project can be taken seriously.

Verge Just Keeps Getting Better (Or Worse)

For those who are unaware, the privacy-oriented Verge cryptocurrency either suffered a hack or an accidental fork earlier this week. It is believed that close to 250,000 XVG has been “misplaced”. Assuming this was a hack, close to $1 million has been stolen. At the same time, the developers claim this was a fork due to an accidental 51% attack against the network.

Even though 51% attacks are very rare when it comes to proper cryptocurrencies, altcoins tend to suffer from such incidents on a semi-regular basis. In the case of Verge, it seems this attack was triggered by someone mining a large number of blocks in quick succession. This would require an assailant to control the majority of hashing power pointed at Verge’s blockchain, as they would then be able to discover network blocks faster than other mining pools could.

Although it is unclear if this was an actual 51% attack, OCMiner claims that a hacker exploited various “bugs in Verge’s code” to gain a competitive advantage. How this was pulled off remains to be determined at this stage, as information is still hard to come by. It does show any reports indicating this was a “hack” are probably incorrect, although it is evident someone collected a lot of money in short order through illegitimate means.

Even though Verge makes use of five different crypto algorithms for mining, it seems there are still some weaknesses to be found within this particular ecosystem. Every new block usually triggers a switch to a different algorithm until the next network block is discovered and validated. If any miner successfully controls 51% of the mining power for an algorithm, they can continue controlling the network.

In a way, this means a Verge attacker can control the majority of the XVG mining power without having to own a lot of hashpower himself. That is quite worrisome, as it could hint at more of these attacks occurring in the future. By providing fake timestamps to the mined blocks, the assailant successfully took control of the Verge network for an extended period of time.

Addressing this problem will not be all that easy either. It appears as if Verge will need to undergo a hard fork to prevent issues like these from happening again. Most people will readily agree that Verge is slowly turning into a joke currency at this point, as things are going from bad to worse. It will be quite intriguing to see how all of this pans out, as this may not necessarily be the last attack against Verge.