U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Verge Cryptocurrency suffered a cyber attack, dev team responded with an Hard Fork

The verge (XVG) currency schema was attacked last week, the hacker reportedly making off with $1 million-worth of tokens. The dev team responded with an Hard Fork. Ripple (XRP) and Verge (XVG) are two cryptocurrencies that attracted many investors in the last months. Last week attackers hackers the Verge cryptocurrency system by exploiting a vulnerability in […]

verge hacked

The verge (XVG) currency schema was attacked last week, the hacker reportedly making off with $1 million-worth of tokens. The dev team responded with an Hard Fork.

Ripple (XRP) and Verge (XVG) are two cryptocurrencies that attracted many investors in the last months.

Last week attackers hackers the Verge cryptocurrency system by exploiting a vulnerability in its software and forced its developers to hard-fork the currency.

The bug in the cryptocurrency scheme allowed the attacker to mine blocks with bogus timestamps, it seems that attackers were able to generate new blocks at a rate of roughly one per second.

The hacker reportedly making off with $1 million-worth of tokens, the news was later confirmed on Bitcoin Talk forum by the user with the handle “ocminer” of the Suprnova Mining Pools.

“There’s currently a >51% attack going on on XVG which exploits a bug in retargeting in the XVG code.  Usually to successfully mine XVG blocks, every “next” block must be of a different algo.. so for example scrypt, then x17, then lyra etc.” wrote ocminer.

“Due to several bugs in the XVG code, you can exploit this feature by mining blocks with a spoofed timestamp. When you submit a mined block (as a malicious miner or pool) you simply set a false timestamp to this block one hour ago and XVG will then “think” the last block mined on that algo was one hour ago. Your next block, the subsequent block will then have the correct time..

And since it’s already an hour ago (at least that is what the network thinks) it will allow this block to be added to the main chain as well.”

OCminer speculated it was a 51 per attack(aka majority attack), this means that hackers in somehow were able to control the majority of the network mining power (hashrate).

The Verge development team finally confirmed on Wednesday the attack that caused the XVG value to drop from $0.07 to $0.05.

In response to the incident, the Verge team hard forked XVG that resulted in the creation of a new blockchain.

“The XVG team erroneously forked their entire network to ‘undo’ the exploited blocks, but this resulted in the entire network being unable to sync,” noted cryptocurrency news site The Merkle.

“When the team was made aware of their mistake, they were able to re-sync the network, but still have not completely defeated the issue.”

At the time of writing the Verge currency has recovered all its value.

verge hacked

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Verge, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]