Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Thursday May 24 2018, @03:41PM   Printer-friendly
from the Oops,-the-honest-people-are-in-a-minority-again dept.

CCN reports:

A malicious miner successfully executed a double spend attack on the Bitcoin Gold network last week, making BTG at least the third altcoin to succumb to a network attack during that timespan.

[...] To execute the attack, the miner acquired at least 51 percent of the network's total hashpower, which provided them with temporary control of the blockchain. Obtaining this much hashpower is incredibly expensive — even on a smaller network like bitcoin gold — but it can be monetized by using it in tandem with a double spend attack.

After gaining control of the network, the attacker began depositing BTG at cryptocurrency exchanges while also attempting to send those same coins to a wallet under their control. Ordinarily, the blockchain would resolve this by including only the first transaction in the block, but the attacker was able to reverse transactions since they had majority control of the network.

Consequently, they were able to deposit funds on exchanges and quickly withdraw them again, after which they reversed the initial transaction so that they could send the coins they had originally deposited to another wallet.

A bitcoin gold address implicated in the attack has received more than 388,200 BTG since May 16 (mostly from transactions it sent to itself). Assuming all of those transactions were associated with the double spend exploit, the attacker could have stolen as much as $18.6 million worth of funds from exchanges.

The last transaction was sent on May 18, but the attacker could theoretically attempt to resume it if they still have access to enough hashpower to gain control of the blockchain.

Bitcoin gold's developers advised exchanges to address the attack by increasing the number of confirmations required before they credit deposits to customer accounts. Blockchain data indicates that the attacker successfully reversed transactions as far back as 22 blocks, leading developers to advise raising confirmation requirements to 50 blocks.

Bitcoin Gold appears to use a standard ~10 min block rate so the new recommendation is for exchanges to hold funds for ~8 hours before clearing them.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by All Your Lawn Are Belong To Us on Thursday May 24 2018, @10:10PM (1 child)

    by All Your Lawn Are Belong To Us (6553) on Thursday May 24 2018, @10:10PM (#683777) Journal

    The primary difference to my eyes being: If you have a network that you can trust (by whatever mechanism you define as trustworthy), you can trust the network. What keeps that from being a tautology is that cryptocurrency (and other cryptomining operations) are supposed to work in an environment where trust is unnecessary or unavailable. "Supposed to be" because we've always been told that getting 51% of a network's mining is infeasible. That just got dunked on in this particular network.

    --
    This sig for rent.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 0) by Anonymous Coward on Thursday May 31 2018, @01:15PM

    by Anonymous Coward on Thursday May 31 2018, @01:15PM (#686714)

    My thoughts are that someone that managed to get 51% of the network, should be easy enough to track down and slap cuffs on.

    I always figured that was the ultimate safety against the 51% attack.