Sunday, November 24, 2024
HomecryptocurrencyCyber Criminals Stolen $18 Million From Bitcoin Gold Network Using Double Spend...

Cyber Criminals Stolen $18 Million From Bitcoin Gold Network Using Double Spend Attack

Published on

Hackers have stolen around $18 Million worth of BTG (Bitcoin Gold) from Bitcoin Gold Network using a new attack method called “Double Spend”.

Attackers using  “51% attacks”  which means An attacker that controls more than 50% of the network’s computing power and they take over more than 50 % of hashpower.

Double spend attack is a type of an attempt where attack using the same coin twice and send the same coin into different Exchange wallet at the same time.

- Advertisement - SIEM as a Service

This method allows attackers to control the blockchain transactions, and they have an ability to exclude and modify the ordering of transactions.

Exchange Wallet is Primary Target

This attack is largely targeted to the Bitcoin Gold Exchange wallet and there is no risk for the individual users or the fund that existing in the wallet.

But the main risk is for who involved with a larger amount of payment accept directly from the attacker.

According to bitcoingold, The cost of mounting an ongoing attack is high. Because the cost is high, the attacker can only profit if they can quickly get something of high value from a fake deposit. A party like an Exchange may accept large deposits automatically, allow the user to trade into a different coin quickly, and then withdraw automatically. This is why they are targeting Exchanges.

This is not the first time that attackers using this  Double Spend method to compromise the cryptocurrency wallet but already another targeted Exchanges reported that they strongly believe this attacker attempted to hit them with a double-spend of BTC in the past.

A Double-Spend to Bitcoin Gold

An Attempt to spend same BTG coin twice in two different exchange wallet that attackers owned and send the coin both wallet in exactly same time.

Blockchain maintains the queue to resolve this type of transactions are added to blocks. so once 2 same transactions added into the blocks, Exchange wallet choose the first traction is valid and the transaction that came second will be declined.

Also, an order of the block will be cleared if the transactions were sent at the exact same time Along these lines, the coins must be sent to one place – either to the Exchange or to the private wallet.

So far, Attackers Earned  $18 Million

BTG address of this attacker earned around $18 Million so far that is exchanged in this wallet GTNjvCGssb2rbLnDV1xxsHmunQdvXnY2Ft.

  • Funds: GTNjvCGssb2rbLnDV1xxsHmunQdvXnY2Ft
  • Receive mined coins: GXXjRkdquAkyHeJ6ReW3v4FY3QbgPfugTx

Until now, some Exchanges were operating with less than five confirmations required. We have been urging higher limits to prevent such an attack and urging manual review of large deposits of BTG before clearing the funds for trading. bitcoin gold said.

The Bitcoin Gold team advised crypto exchanges to increase the number of confirmations required for a deposit to clear.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as...

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft

Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by...

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in...

Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations

Earth Kasha, a threat actor linked to APT10, has expanded its targeting scope to...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Understanding Crypto Macroeconomic Factors: Navigating Inflation, Rates, And Regulations 

Diving into the world of cryptocurrencies, I've found it's a fascinating intersection of technology...

Crypto Network Security: Essential Tips To Protect Your Digital Assets In 2023 

Exploring the world of cryptocurrencies has been a thrilling journey for me. The allure...

Maximise Crypto Mining Profitability: Strategies For Success In 2023 

Diving into the world of crypto mining has always intrigued me. The allure of...