The Vertcoin Cryptocurrency Just Got 51% Attacked – Again

Vertcoin, a crypto project that sets out to keep mining power decentralized, has suffered its second 51-percent attack in a year.

AccessTimeIconDec 2, 2019 at 12:30 p.m. UTC
Updated Sep 13, 2021 at 11:45 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

Vertcoin, a crypto project that aims to keep mining power decentralized, has suffered its second 51-percent attack in a year.

The incident saw 603 genuine blocks on the Vertcoin main blockchain replaced with 553 blocks written by the attacker, according to the project's lead maintainer, James Lovejoy, in a GitHub notice.

Occurring on Sunday, Dec. 1, the blockchain reorganization caused five "double spends" to the value of 125 vertcoin (VTC) worth approximately $29. "Each of the double-spent outputs are coinbase outputs owned by the attacker and it is unknown to whom the coins were originally sent before being swept to an attacker address after the reorg," Lovejoy said.

Put simply, a 51-percent attack can occur when an entity (or entities) gains over half of the hashing power of a blockchain network, bringing the ability to rewrite the blocks making up the "chain."

Almost exactly a year ago to the day, Vertcoin saw another 51-percent attack that caused multiple reorgs and was estimated by Coinbase to have cost users over $100,000. After that attack, Vertcoin – which aims to block powerful mining chips called ASICs from the network to keep mining more community based and affordable – switched its proof-of-work algorithm to one called Lyra2REv3.

The latest attack had been seen coming. Lovejoy explained:

"On Nov 30th 2019, a Vertcoin miner noticed a large upswing in hashrate rental prices for Lyra2REv3 on Nicehash. This was combined with workers connected to Nicehash's stratum server being sent work for unknown (non-public) Vertcoin blocks. I contacted Bittrex, Vertcoin's most prominent exchange, to recommend they disable the Vertcoin wallet on their platform once it became clear an attack was in progress, which they subsequently did."

The developer continued to say there's "strong evidence" that the attack was carried out by harnessing leased hashrate from Nicehash.

"The attack was originally discovered by inspecting the work being sent from Nicehash's stratum servers, which were sending work for non-public blocks," he said.

Why Vertcoin was attacked again is unclear. Lovejoy said it would not have been profitable based on miners' block rewards alone. He suggested Bittrex may have been target, but the exchange disabling its Vertcoin wallet may have prevented more double spends.

An alternative option is that thefts via double spending was not the plan and the attack may have been "a proof of concept or sabotage attack."

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.