VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
The attacker discovers and manipulates errors in the Verge code, causing false timestamps to be set on the block and then dig out new blocks quickly. The protocol of Verge is uses five mining algorithms in turn, and the attacker increases control over two of them: scrypt and lyra2re. The attack should be between block 2155850 and block 2206272. Within a few hours of the attack, the 35 million XVGs, which cost about $1.75 million, were stolen at the prevailing exchange rate. Attack method (per SlowMist): 51% attack. Reported loss: 35,000,000 XVG.
Primary source
https://paper.seebug.org/609/ ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Verge
- bug_class
- infrastructure
- date_occurred
- 2018-05-22
- loss_usd
- —
- source_id
- sm:verge::2018-05-22
Related — same bug class· infrastructure