The team behind the cryptocurrency, Verge, as well as the CoinPouch team, both recently confirmed that over $655,000 worth of Verge coins had been stolen this last week from the user’s CoinPouch wallet. Since the attack, there has been a growing dispute between the cryptocurrency development team and the wallet service provider over which company is at fault for enabling the hack.
According to CoinPouch, the hack was conducted using a flaw in the Verge node, which processes users’ transactions. However, Verge stated that the attack was made following the wallet service provider being hacked due to insufficient security measures on the side of CoinPouch.
CoinPouch alerted its users regarding the hack via its Twitter account. The wallet app stated that they had reported the incident to the relevant authorities and that the investigation is likely to be impeded by the US Thanksgiving holiday period.
According to CoinPouch, the first incident occurred on 9 November when the first report was received concerning a user whose funds were stolen from their wallet. The report caused CoinPouch to launch an investigation together with a project leader from the Verge team. The investigation concluded, and both parties confirmed that the incident did not seem like a hack, but rather an isolated incident. The Verge team leader suggested that CoinPouch update its security measures to allow for the Verge node’s specific security requirements.
However, following the security updates, CoinPouch confirmed that several other users reported of being affected by the same incident of their funds being stolen, or that their Verge coins in their wallets were malfunctioning.
Surprisingly, the Verge team traced the wallet to which all the stolen funds were funneled to. So far, the number of stolen Verge coins has reached 126 million Verge coins, roughly the equivalent of $655,000. What is odd about this, is the fact that the user has not yet moved the coins to an alternative place, but kept the coins in their wallet. Both CoinPouch and Verge are still at a loss as to specifics of the hack.
Both Verge and CoinPouch have been updating their users via their Twitter accounts:
our condolences to all users that had their funds stored on coinpouch. hopefully we can find out what happened. seems the coins have ended up at this address: DM5Esw71BnTdJzX1FWpNLvdnrLuCS91v4N https://t.co/JIeS2LARiN
— vergecurrency (@vergecurrency) November 22, 2017
To clarify situation and stop disinformation: It was 3rd party wallet @coinpouchapp that was hacked cos wasn't secured properly on their side. Not Verge blockchain. Independent forensic probe was ordered, as reported by #CoinPouch. Expect further status updates on their channels.
— vergecurrency (@vergecurrency) November 23, 2017
This latest incident signifies the second cryptocurrency-related hack in November alone. Just this week, attackers pocketed almost $30 million worth of Tether, which negatively influenced the Bitcoin price for a few hours.