A major cryptocurrency exchange has delisted Bitcoin Gold (BTG) after the latter refused to pay $250,000 to cover losses it suffered from a major cyber-attack earlier this year.
Back in May, an attacker is said to have rented servers from the cloud mining marketplace NiceHash to carry out a 51% attack on BTG, allowing them to hijack the blockchain to then perform a so-called “double spend” attack.
The latter saw the attackers send BTG tokens to various exchanges, trade them for other coins and then cash out, before returning the original BTG tokens to their wallet. They could do this as they had temporary control of the blockchain.
It’s thought that hackers stole as much as $18m in BTG based on prices at the time.
BTG refused to pay half of Bittrex’s losses as demanded because it maintains that it did plenty at the time to warn the exchanges of impending double spend attacks. It said it handed over the attacker’s wallet address, advised them to raise confirmation requirements and urged them to flag and review any “unusually large” deposits.
“Despite all of our efforts, Bittrex was the victim of the last and largest BTG double-spend the attackers performed. The attackers deposited 12,371 BTG from the wallet we previously identified,” explained the firm.
“Several hours later, Bittrex allowed them to trade that BTG and withdraw some amount of other coins, and then the attackers used the 51% attack to double-spend those BTG, invalidating their original deposit. We feel it’s clear that we took every reasonable step to try to help ensure Bittrex’s safety against this threat.”
Although no customer funds were at risk in this instance, the incident is another example of the problems that can arise from burgeoning digital currency systems.