Blockchain hacked zombie
In PoW-based cryptocurrency systems, miners are people who use computing power to validate the transactions on the network and are awarded in new coins. In Verge's particular case, it's a little more nuanced. Verge uses five different cryptographic algorithms for mining, switching to a new one for every block, but the attacker figured out a way to fake timestamps of his blocks and mined them all with one algorithm.
In this way, he was able to capture the majority of the network's mining power with far less computing power than he'd normally need.
Nevertheless, the attack is serious as it requires a hard fork cryptocurrency lingo for a very big upgrade that leaves the old blockchain behind and requires all participants to switch to new software to exclude the blocks the attacker had mined. Verge's official Twitter account tried to downplay the severity of the attack by calling it a "small hash attack" that's been "cleared up now.
We had a small hash attack that lasted about 3 hours earlier this morning, it's been cleared up now. We will be implementing even more redundancy checks for things of this nature in the future! But Reddit and some experts seem to disagree. And a poster on the Bitcointalk forums called IDCToken, who claims he's responsible for the attack, said there are two more exploits in the Verge's code that could be used to perform a similar hack.
Verge's price fell Unfortunately for the cybercrooks, however, it seems that a botnet-turned-mining rig doesn't actually make much money in real life. McAfee found that the increasing difficulty of Bitcoin hashes, combined with the attrition rate from malware detections on infected machines, would make turning a profit from botnet mining nearly impossible.
According to researcher estimates, a botnet controller attempting to mine Bitcoin with a 10, system network would initially see a net loss in operations and with increasing difficulty cycles productivity would plateau off without turning much of a profit. That rate becomes even lower when mobile devices are added to the equation. Researchers note that with less powerful processors and limited battery life, mobile devices are ill-equipped to function as dedicated cryptocurrency mining tools, especially when this is done via covert malware infections.
Researchers conclude, therefore, that botnet kingpins are better off avoiding the Bitcoin mining game and sticking with other techniques. That would come as little relief, however, to owners of infected machines who will see their system performance and battery life take a hit whether or not the miner turns a profit.
Minds Mastering Machines - Call for papers now open. The Register - Independent news and views for the tech community. Part of Situation Publishing.
Join our daily or weekly newsletters, subscribe to a specific section or set News alerts. The Register uses cookies. Give us notch support or … you don't wanna know Fork it! Equifax reveals full horror of that monstrous cyber-heist of its servers Android P to improve users' network privacy Hacking charge dropped against Nova Scotia teen who slurped public records from the web That Drupal bug you were told to patch weeks ago?
Cryptominers hope you haven't bothered. Get on top of reliability with our best practices webinar El Reg's Serverless Computing London call for papers shuts tonight. Sony reports shortage of cute robot puppies! Artificial Intelligence Internet of Things Is your gadget using secondhand memory? Predictable senility allows boffins to spot recycled NAND chips Waymo van prang, self-driving cars still suck, AI research jobs, and more Congratulations, we all survived Star Wars day!
Now for some security headaches Silicon can now reconfigure itself with just a jolt of electricity.