Verge was hacked again a couple of weeks ago. Yes, again, and the hacker who did it went away with almost 2 million dollars in Verge tokens. Hacks and security failures are bound to happen now and then, they’re just part of the digital game but what makes this particular hack so worrying is that it’s the third time that Verge gets hacked in only three months. It’s just too much.
Following the attack supernova tweeted this from their official account:
— supr nova *no giveaways* (@SuprnovaPools) May 22, 2018
Three severe hacks in less than ninety days beg the question: was the last one an inside job, or is Verge team just not trying to secure their blockchain? Well, it could be either, or it could be both, but it’s terrible news in any case. Even the worse fact is that the strategy used by the last hacker is essentially the same one used on previous hacks. It’s called a 51% attack.
What is a 51% attack?
A 51% attack is a way to hijack a blockchain. What you have to do is to mine a new block with a false timestamp on it (you make it seem like if you mined it earlier) so this new block will enable you to create a fork in the blockchain. In this new blockchain, you basically own the whole thing which means you can control the approval process for freshly mined blocks.
If you succeed at this, every reward from mining becomes yours only. This kind of attack has always been a theoretical possibility for every blockchain but Verge; it has struck three times already while it’s never happened for Bitcoin, Ethereum or other cryptocurrencies. That is because Verge’s code remains buggy and the hackers knew precisely how to exploit those bugs.
This is not the kind of event that creates confidence about Verge in particular or about cryptocurrencies in general. And it shouldn’t.
Just as Verge announced recently a set of interesting partnerships that will turn their coin into a real-world asset the news about the hacking just make them look sloppy and irresponsible.
One wonders what their new partners are thinking about this or if they will consider the problem is severe enough to look for other projects.
Even worse is the fact that Verge is a 100% open-source project which should mean that everything happens transparently, and in the open, but in this situation, the team has been secretive, murky and generally not lived up to the standards of a project that is supposed to guarantee the safety, privacy, and value in every coin holder and user.
Besides the fact that a known problem with Verge’s blockchain has not been fixed at all, suspicions have risen that it was an inside job. It’s not just empty talk or conspiracy theories, CryptoMedication did a long, detailed piece explaining all the evidence and why such interpretation is indeed warranted.
He points out that the April 4th hack created 18.6 million Verge tokens and that just a few weeks later that almost exact amount of Verge tokens were transferred from one of Verge’s wallets to Binance. Not enough evidence to give a verdict for sure, but the coincidence looks strange at best. Verge argued that the tokens were needed for “Ledger Wallets” which is just not true.
After the April hack, the Verge team was forced to acknowledge the problem, and they assured the community that they had dealt with the problem. And then, just a couple days ago, history repeated itself.
This problem can be fixed anyway, but for some unknown reason, Verge has been sitting on the solution rather than implementing it.
CryptoMedication’s article goes even further. He points out that Verge’s marketing strategy of overhyping new partnerships to support the coin’s performance has reached its limit which is why XVG’s value has been going down steeply over the last week.
So the question is obvious now. With yet another hack and the crypto-coin going down in value, when do you sell? An interesting fact is that the hack didn’t prompt any decrease in price on itself, it’s just been the way the market has been going recently.
We sincerely hope that the Verge team will soon learn from the mistakes they’ve committed so far and started doing the job they’re supposed to do. Otherwise their partners, investors and holders will suffer and they won’t take it for too long.