Hackers appear to have rented cryptocurrency mining power at NiceHash this week and then used it to conduct a 51% attack on the Vertcoin network.
According to Coindesk, the hacker managed to offset 603 genuine blocks of data mined by legitimate network participants and replace them with 553 counterfeit blocks.
Manouevers like these enable hackers to “double-spend” or duplicate vertcoins, a type of cryptocurrency.
In this case, the take was minor and only worth $29 dollars USD. The cost of renting the mining power to conduct the attack was probably much more.
It is not clear at present whether the attack was executed by amateurs or was some type of dry run executed by more skilled hackers.
Vertcoin is a “proof-of-work” cryptocurrency produced in a manner similar to Bitcoin.
Both coins are generated through an expensive process called “cryptocurrency mining.”
In cryptocurrency mining, individuals that want to participate in a “decentralized cryptocurrency network” (a computer network theoretically governed by participants) can download software onto a server and then run it simultaneously with other computers in the network.
Cryptomining is currently very expensive for three reasons:
- Every computer runs and maintains a copy of the entire network’s transaction history, its “immutable (emcrypted)” ledger. In comparison, the Visa network runs radically more cheaply because it does not indefinitely duplicate and encrypt all the data it collects. A Visa transaction thus costs a few cents, whereas a single Bitcoin transaction can cost as much as 20 loads of laundry washed and dried.
- The process of encrypting transactions on the Bitcoin network is very energy-consumptive because every transaction is scrambled with a number representing all the previous scrambled transactions. As well, after every megabite of data is collected, all the machines in the network compete in a computational race to guess a random number set by the system. Calculation after calculation is made by every computer in the network until one guesses correctly and is rewarded a “block reward” of 12.5 bitcoins. Then the game begins again.
- In many cases, there is much competition on the networks.
Initially, cryptominining could be done feasibly by interested individuals using basic graphics cards. But as interest in cryptocurrency speculation drove up prices, semiconductor firms began designing special high-performance chips and machinery. Dorm-room miners were outclassed.
To prevent “centralization” of the network by large cryptomining entities, developers began tinkering with the network’s algorithms to make them “ASIC-resistant” (incompatible with dedicated machines and chips).
Vertcoin is one such “ASIC-resistant” coin, as is Monero.
Unfortunately, the Vertcoin network is relatively small and is therefore easy to overwhelm with a 51% attack in which hackers change a network’s transaction history and can print coins for themselves.
Vertcoin “lead maintainer,” James Lovejoy there is “strong evidence” that large amount of mining power for producing vert coins was purchased at NiceHash. This signalled a possible imminent attack.
Lovejoy noticed the rental and says he immediately contacted the Bittrex exchange, which handles trades of vertcoins.
Bittrex reportedly disabled its Vertcoin wallets and this may have prevented further double spends.
Though this attack was small and likely not economical for the hackers, Vertcoin has reportedly been attacked before.
It is also possible that this attack may have been executed, in part, as an indirect attack on Bittrex, or as, “a proof of concept or sabotage attack.”