24hours of Hacking Yields Only $15,000
Pigeoncoin cryptocurrency is the recent victim of hacking incidence in which a hacker walked away with $15,000 after spending full day manipulation codes.
According to BitecoinTalk forums, the hacker mrsandman1 was busy on 27 September and managed to exploit a previous Bitcoin bug that was fixed. So instead of manipulating the platform vulnerability, the hacker took advantage of the Bitcoin bug CVE-2018-17144. Although experts from Bitcoin network patched the bug on September 19, it was not updated on Pigeoncoin network.
The hacker’s activities were discovered by BitcoinTalk forum users who quickly noticed the malicious code. Later on, on tracing the origin, the online identity of the hacker was discovered. But before his activities were discovered mrsandman1 had already stolen 235 million PGN tokens which represent 25% of all the PGN coins. The only reason that hindered mrsandman1 from becoming a millionaire after a day’s work is the current value of PGN tokens. In the current market, a PGN token is valued at $0.000066 while the entire market cap of Pigeoncoin currently stands at $60,000. Moreover, cryptocurrency enthusiasts rarely use the coin or even trade it.
On the other hand, if mrsandman1 had directed his attention on exploiting the bug on a Bitcoin network, the results would have catastrophic. It would have resulted in a crash of Bitcoin nodes followed by a 51% attack on the system. Moreover, the attacker would have the opportunity to double –attack the network resulting in stealing a considerable amount of cash. Although bug CVE-2018-17144 was fixed immediately on Bitcoin code, it would take some time for smaller bitcoin-based virtual currency platforms to fix the bug.
According to Emin Gun Sirer, “copycat virtual currencies are at risk. By definition, there is always a group of upstream that know about the vulnerabilities in such platforms.” With that said many hackers are always looking to exploit the vulnerabilities. Emin is a cryptocurrency and cryptographer expert and professor at Cornell University.
Although the hacker got away with the tokens, this is something that could have been prevented if developers had integrated the upstream bug fix on their platform. It’s only after they discovered the hack that they rushed to install the bug fix. The Pigeoncoin hack is the first of its kind whereby the laxity of the developers is what led to the hack. It’s quite strange that other altcoins have already fixed the Bitcoin bug, but some haven’t applied the fix.