A serious bug discovered a few weeks ago in the bitcoin code has been exploited, albeit on a less well-known cryptocurrency.
The developers behind the cryptocurrency pigeoncoin confirmed the exploits at CoinDesk on Tuesday, signaling that an unknown miner successfully exploited the bug on September 26, showing in a natural way how it could be used on bitcoins by printing 235 million worth coins around $ 15,000.
This is because while the serious error in inflation has been patched on bitcoins, other coins that have borrowed the public bitcoin code over the years are still vulnerable (if they have not corrected their code). If exploited, the bug gives an attacker the ability to print all the coins he wants, going even beyond the hardcoded limitations of supply cryptocurrencies that often have and decreasing the value of all other currencies held by investors.
Set apart with its X16r mining algorithm, pigeoncoin is not exactly a large cryptocurrency, not even the top 1,000 in terms of value compared to others on CoinMarketCap. However, the attack may not be less impacting its efforts to use a blockchain to "end the collection of abusive data".
With a total supply of 970 million pigeons, the attacker managed to print an amount equal to a quarter of all publicly traded pigeons, pushing one of the only exchanges to support the currency, CryptoBridge, to temporarily suspend trading while the developers were moving to implement a solution.
After inflation was detected, coin developers quickly released a software correction borrowed from the code that bitcoin developers released a couple of weeks ago. "The pools and exchanges must be updated immediately to solve a double-expense exploit derived from bitcoin source," explain the correction notes.
But while users may not particularly care about what happens to the little-known currency, exploits have wider implications for the world of cryptocurrency.
Cryptocurrency developer Scott Roberts said the main advantage of this event is that the bitcoin bug was really as bad as it looked:
"Above all it is nice to know with certainty from this example that coins in nature were really vulnerable: it was not just a vague theoretical problem".
Now the bug is correct, the observers are wondering what the attacker will do and if they can exchange their earnings with fiat money. To do this, most likely the aggressor will have to convert his pigeoncoin into another cryptocurrency that is more widely accepted.
"Many of us are now waiting to see what happens with the compromised coins and if there will soon be a landfill," pigeoncoin developer Michael Oates told CoinDesk.
The community closely monitors events in the Pigeon Discord chat channel. "My guess is that the funds will not move for a few days: it would be stupid to try to move them all at once," added Oates on Discord.
The other big concern is, if the pigeon was attacked, what about the other coins that have cloned the bitcoin code?
"It would be interesting to see how many coins have been attacked because of [the] bug, "Roberts told CoinDesk, adding that pigeoncoin is the only one that knows how to be exploited so far.
Still, Roberts added that many cryptocurrencies, such as bitcoin gold and litecoin, now they are improved, so I hope the same attack does not run on other coins.
"It seems like many coins have already been updated, so it's not likely to be a problem."
Pigeon image through Shutterstock