Verge (XVG) cryptocurrency destroyed in historic 51% attack

Posted: 5 April 2018 5:36 pm

The Verge cryptocurrency has been effectively destroyed after a malicious player took over its network.

A cryptocurrency called Verge (XVG) has come under a fascinating and somewhat historic attack. It's the first time a major cryptocurrency (Verge is/was in the top 25 by market cap) has been successfully taken down by a fabled "51% attack". This is when a single party manages to claim more than half of the computing power on a network and take control of it. From there they can then work it like a puppet.

In this case, the network takeover was helped along by some bugs in the Verge system which allowed the attackers to essentially just take over the blockchain.

Update: 6 April 2018: The attack is still continuing despite attempted fixes. The programmer who noticed the exploit originally described it as a 51% attack, but it might simply be an ingenious exploit with a similar result, rather than a true 51% attack.

Here the attackers decided to make it spit money into their laps. The attack was first reported about 24 hours ago at the time of writing and was still continuing at the initial time of writing.

This is what it looks like.

You might be able to see it live for yourself at the Verge block explorer here. If it looks like this when you do, it means the attack is still happening.

What am I looking at?

The picture above shows a small handful of recently mined blocks on the Verge blockchain, numbered on the left-hand side. The 1,560 "Amount (XVG)" is the mining reward that should typically be dispensed to miners. At recent Verge prices of US$0.05 per XVG, each of those lots of 1,560 XVG is worth US$78. This is all more or less normal.

However, the "Timestamp" column shows that things have gone very wrong. Notice the two different timelines in the column. They are 90 minutes apart and alternating with each other. The real timeline is the later one, while the earlier one is a fake timestamp that the attacker put on some of the blocks.

The trick is that they stamped the fake time onto blocks while having more than half of the network's mining power. This tricked the Verge network into thinking that it was the real time. They combined this with a few programming holes in Verge's mining algorithm to essentially bounce the network between the past and the present, and shake new blocks out of it.

These new blocks all delivered the full 1,560 XVG mining reward and popped out at a rate of about 1 per second, rather than the more usual 1 per 30 seconds.

The payout

The attacker has about $78 worth of XVG popping out of the network every second, for a pay rate of $280,800 per hour. The attack was reported about 24 hours ago and has been running for hours, but it also took a break here and there and wasn't running consistently.

Either way, their earnings are well into the millions of dollars worth of XVG.

Now the challenge for the attackers is to dispose of that XVG in the most profitable way. They can't dump it all at once without abruptly tanking the XVG price, but there's only a short amount of time before word gets around that the Verge network may be compromised, which could tank its price anyway.

The most profitable strategy for the attackers, and the only real way to walk away with millions of dollars of real money, is to hope that the incident is downplayed enough to buy them enough time to sell off their coins.

What will happen to Verge?


Verge died today, but might continue showing some signs of life. The developers have already started downplaying the incident which is good for the attackers who can profit much more from a slower decline.

A successful 51% attack in which an attacker manages to overpower the network through sheer mining power might render the Verge coin functionally useless and effectively destroy it. But it's not entirely clear whether that's what happened, or how fixable the problems in the Verge network are.

At the same time, the bizarre mystery partnership announcement set for 16 April, coupled with the sunk cost fallacy and good old fashioned brand loyalty, means Verge prices will take an enormous hit, but almost certainly won't drop to zero.

Things are still up in the air, but the developers have supposedly announced plans for a hard fork in the near future to patch the specific vulnerability exploited in this particular 51% attack. There will probably be no rollback, which means the attackers will get to keep their coins on the new network as well.

The hard fork might do little to solve Verge's underlying vulnerability to other 51% attacks, but patching up this particular exploit could ease some nerves, while easing the prices into a more leisurely death spiral.

Disclosure: At the time of writing the author holds ETH, IOTA, ICX, VEN, XLM, BTC, NANO

Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

Latest cryptocurrency news

Picture: Shutterstock

Get into cryptocurrency

Ask an Expert

You are about to post a question on

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our Terms of Use, Disclaimer & Privacy Policy and Privacy & Cookies Policy.
Go to site