Vertcoin (VTC) network has been 51% attacked by unknown hackers for the second time since December of 2018 on December 1, but ended up paying from their pockets, according a GitHub report by Vertcoin’s lead maintainer James Lovejoy on December 2.
According to James, Bittrex was the original target, but fortunately, security measures stayed intact. Vertcoin was previously 51% attacked in December of 2018, during which hackers were able to stole funds worth $100,000.
According to the maintainer, after the first attacked, Vertcoin changed its proof-of-work algorithm to Lyra2REv3. But on November 30, a miner noticed a problem on the algorithm, and when it became clear that that was a malicious activity, Bittrex was connected to disable their Vertcoin wallet. The report reads:
“On Nov 30th 2019, a Vertcoin miner noticed a large upswing in hashrate rental prices for Lyra2REv3 on Nicehash. This was combined with workers connected to Nicehash’s stratum server being sent work for unknown (non-public) Vertcoin blocks. I contacted Bittrex, Vertcoin’s most prominent exchange, to recommend they disable the Vertcoin wallet on their platform once it became clear an attack was in progress, which they subsequently did.”
According to the report, On Sunday, 1 December 2019 15:19:47 GMT, this incident saw 603 genuine blocks on the Vertcoin main blockchain replaced with 553 blocks written by the attackers.
The report further reads:
“We note that 600 blocks is the current confirmation requirement for VTC on Bittrex. There were 5 double-spent outputs in which ~ 125 VTC (~$29) was redirected. Each of the double-spent outputs are coinbase outputs owned by the attacker and it is unknown to whom the coins were originally sent before being swept to an attacker address after the reorg.”
James said there was a strong evidence that the attack was carried out by harnessing leased hashrate from Nicehash. The attack was discovered by searching the work being sent Nicehash’s stratum servers, which were sending work for non-public blocks, the report says.
According to the developer, Bittrex was the possible target as after the coins were reorganized on a single address, the number of confirmation blocks were more than 600, which is Bittrex’s minimum requirement for VTC confirmation. But the attacked was blocked as the exchange disabled its VTC wallet even before ‘the fork could be released.’
James also said that the attacker spent between 0.5-1 BTC to perform the attack and as a result, the hackers appear to have come out with a net loss of between 0.06 BTC ($440) and 0.56 BTC ($4,100).