Monday, November 4, 2024
HomecryptocurrencyCyber Criminals Stolen $18 Million From Bitcoin Gold Network Using Double Spend...

Cyber Criminals Stolen $18 Million From Bitcoin Gold Network Using Double Spend Attack

Published on

Malware protection

Hackers have stolen around $18 Million worth of BTG (Bitcoin Gold) from Bitcoin Gold Network using a new attack method called “Double Spend”.

Attackers using  “51% attacks”  which means An attacker that controls more than 50% of the network’s computing power and they take over more than 50 % of hashpower.

Double spend attack is a type of an attempt where attack using the same coin twice and send the same coin into different Exchange wallet at the same time.

- Advertisement - SIEM as a Service

This method allows attackers to control the blockchain transactions, and they have an ability to exclude and modify the ordering of transactions.

Exchange Wallet is Primary Target

This attack is largely targeted to the Bitcoin Gold Exchange wallet and there is no risk for the individual users or the fund that existing in the wallet.

But the main risk is for who involved with a larger amount of payment accept directly from the attacker.

According to bitcoingold, The cost of mounting an ongoing attack is high. Because the cost is high, the attacker can only profit if they can quickly get something of high value from a fake deposit. A party like an Exchange may accept large deposits automatically, allow the user to trade into a different coin quickly, and then withdraw automatically. This is why they are targeting Exchanges.

This is not the first time that attackers using this  Double Spend method to compromise the cryptocurrency wallet but already another targeted Exchanges reported that they strongly believe this attacker attempted to hit them with a double-spend of BTC in the past.

A Double-Spend to Bitcoin Gold

An Attempt to spend same BTG coin twice in two different exchange wallet that attackers owned and send the coin both wallet in exactly same time.

Blockchain maintains the queue to resolve this type of transactions are added to blocks. so once 2 same transactions added into the blocks, Exchange wallet choose the first traction is valid and the transaction that came second will be declined.

Also, an order of the block will be cleared if the transactions were sent at the exact same time Along these lines, the coins must be sent to one place – either to the Exchange or to the private wallet.

So far, Attackers Earned  $18 Million

BTG address of this attacker earned around $18 Million so far that is exchanged in this wallet GTNjvCGssb2rbLnDV1xxsHmunQdvXnY2Ft.

  • Funds: GTNjvCGssb2rbLnDV1xxsHmunQdvXnY2Ft
  • Receive mined coins: GXXjRkdquAkyHeJ6ReW3v4FY3QbgPfugTx

Until now, some Exchanges were operating with less than five confirmations required. We have been urging higher limits to prevent such an attack and urging manual review of large deposits of BTG before clearing the funds for trading. bitcoin gold said.

The Bitcoin Gold team advised crypto exchanges to increase the number of confirmations required for a deposit to clear.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

18 Individuals Charged for Widespread Manipulation Cryptocurrency Markets

18 individuals and entities have been charged with widespread fraud and manipulation within the...

FBI Warns that North Korean Hackers Aggressively Attacking Employees of Crypto Companies

The FBI has issued a stark warning to cryptocurrency companies, highlighting increased sophisticated cyberattacks...

Critical Atlassian Vulnerability Exploited To Connect Servers In Mining Networks

Hackers usually shift their attention towards Atlassian due to flaws in its software, especially...