Bitcoin Gold (BTG) has suffered another 51% network exploit with the attacker reportedly double-spending $75,000 in BTG tokens.
Details of the Bitcoin Gold 51% Attack
According to MIT crypto researcher James Lovejoy, Bitcoin Gold, one of the Bitcoin hard forks is once again the victim of a 51% attack. In a post published on GitHub, Lovejoy revealed that the attacker carried out two which resulted in a double-spend of 1,900 BTG and 5,267 BTG respectively.
Together, both exploits amount to more than $72,000 based on the current price of Bitcoin Gold. Back in 2018, BTG suffered a malicious blockchain ‘reorg’ with the 51% attack resulting in the theft of $18 million in BTG tokens at the time.
Following the double-spend attack, BTG developers implemented new Proof-of-Work (PoW) algorithms in attempts to enhance the security of the blockchain. The BTG 51% attack was one of many altcoin blockchains to suffer a similar fate in 2018.
Vertcoin, Litecoin Cash, Verge, Monacoin, and Electroneum among others experienced malicious deep blockchain reorgs. Reports also emerged that many of these attacks only required a few thousand U.S. dollars to rent the hashing power required to compromise the blockchains.
According to Lovejoy, the BTG attacker may have only spent $3,400 to orchestrate the double-spend exploit. An excerpt from the GitHub post reads:
“Based on Nicehash market price data for Zhash we estimate the cost of generating each reorg at around 0.2 BTC (~$1,700) and the attacker would have recouped around the same value in block rewards. Therefore, it is possible that the attacks were profitable if the double-spends succeeded at defrauding the attacker’s counterparty, or break-even if the double-spends were unsuccessful.”
For some commentators, the significantly small financial outlay required to compromise these altcoins blockchains also calls into question the robustness of their security infrastructure.
Binance Ups Confirmation Requirement for BTG Withdrawals
Apart from the vulnerabilities in PoW altcoin blockchains, some commentators also argue that crypto exchanges need to implement robust confirmation requirements for processing withdrawals. Even after a successful 51% attack, the hacker still needs an exchange to conclude the withdrawal process.
Longer confirmation times could increase the budget constraints for these attacks, rendering them less profitable to potential hackers. According to Lovejoy, at the time of the attack, Binance’s confirmation requirement for BTG stood at six with the coins available for withdrawals after 12 confirmations. Binance has since reportedly upped this minimum to 20 confirmations.