Wednesday, April 24, 2024

Cyber Criminals Stolen $18 Million From Bitcoin Gold Network Using Double Spend Attack

Hackers have stolen around $18 Million worth of BTG (Bitcoin Gold) from Bitcoin Gold Network using a new attack method called “Double Spend”.

Attackers using  “51% attacks”  which means An attacker that controls more than 50% of the network’s computing power and they take over more than 50 % of hashpower.

Double spend attack is a type of an attempt where attack using the same coin twice and send the same coin into different Exchange wallet at the same time.

This method allows attackers to control the blockchain transactions, and they have an ability to exclude and modify the ordering of transactions.

Exchange Wallet is Primary Target

This attack is largely targeted to the Bitcoin Gold Exchange wallet and there is no risk for the individual users or the fund that existing in the wallet.

But the main risk is for who involved with a larger amount of payment accept directly from the attacker.

According to bitcoingold, The cost of mounting an ongoing attack is high. Because the cost is high, the attacker can only profit if they can quickly get something of high value from a fake deposit. A party like an Exchange may accept large deposits automatically, allow the user to trade into a different coin quickly, and then withdraw automatically. This is why they are targeting Exchanges.

This is not the first time that attackers using this  Double Spend method to compromise the cryptocurrency wallet but already another targeted Exchanges reported that they strongly believe this attacker attempted to hit them with a double-spend of BTC in the past.

A Double-Spend to Bitcoin Gold

An Attempt to spend same BTG coin twice in two different exchange wallet that attackers owned and send the coin both wallet in exactly same time.

Blockchain maintains the queue to resolve this type of transactions are added to blocks. so once 2 same transactions added into the blocks, Exchange wallet choose the first traction is valid and the transaction that came second will be declined.

Also, an order of the block will be cleared if the transactions were sent at the exact same time Along these lines, the coins must be sent to one place – either to the Exchange or to the private wallet.

So far, Attackers Earned  $18 Million

BTG address of this attacker earned around $18 Million so far that is exchanged in this wallet GTNjvCGssb2rbLnDV1xxsHmunQdvXnY2Ft.

  • Funds: GTNjvCGssb2rbLnDV1xxsHmunQdvXnY2Ft
  • Receive mined coins: GXXjRkdquAkyHeJ6ReW3v4FY3QbgPfugTx

Until now, some Exchanges were operating with less than five confirmations required. We have been urging higher limits to prevent such an attack and urging manual review of large deposits of BTG before clearing the funds for trading. bitcoin gold said.

The Bitcoin Gold team advised crypto exchanges to increase the number of confirmations required for a deposit to clear.


Latest articles

Researchers Uncover that UK.GOV Websites Sending Data to Chinese Ad Vendor Analysts

Analysts from Silent Push, a data analytics firm, have uncovered several UK government websites...

Ransomware Victims Who Opt To Pay Ransom Hits Record Low

Law enforcement operations disrupted BlackCat and LockBit RaaS operations, including sanctions on LockBit members...

IBM Nearing Talks to Acquire Cloud-software Provider HashiCorp

IBM is reportedly close to finalizing negotiations to acquire HashiCorp, a prominent cloud infrastructure...

Rewards Up to $10 Million for Information on Iranian Hackers

The United States Justice Department has announced big rewards for information leading to the...

PoC Exploit Released For Critical Oracle VirtualBox Vulnerability

Oracle Virtualbox was identified and reported as having a critical vulnerability associated with Privilege...

Tracing the Steps of Cyber Intruders: The Path of Lateral Movement

When cyber attacks strike, it's rarely a single computer that suffers. Nowadays, cybercriminals set...

U.S. to Impose Visa Restrictions on 13 Individuals Involved in Commercial Spyware Operations

To combat the misuse of commercial spyware, the United States Department of State has...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.


Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles