It seems privacy-centric cryptocurrency Verge (XVG) have once again fallen victim to a 51 percent attack since the beginning of April.
Reports released on BitcoinTalk by forum user ocmier states that an attack seems to have effectively split the Verge blockchain through a 51 percent attack. To make this possible, the attacker used a bug in the Verge code that permits spiteful miners to create false timestamps on blocks and then quickly mines new ones in a rapid sequence.
The Verge protocol makes use of a series of five mining algorithms, and an image made available by ocmier claims that the attacker had access to both of them-scrypt and lyra2re-mined them without any constraint and used false timestamps to deceive the network into accepting them into the main chain.
From the look of things, the attack occurred between blocks 2155850 and 2206272, making it possible for the attacker to go away with an estimated 35 million XVG- which is about $1.7 million at the current exchange rate-within a matter of few hours. The attack has stopped by the time of writing, even though there is nothing stopping the attacker from carrying on with the operation in the future again.
There has been a less encouraging response from Verge’s developers for the time being. The project confirmed a mining-related issue in a Monday afternoon tweet but blamed it to a DDoS attack directed at numerous XVG mining pools. The account has not made further tweets since then.
This attack is quite similar to the one experienced by the Verge network about two months ago which a spiteful miner got ways with 20 million XVG.