Bitcoin Gold cryptocurrency developers (not to be confused with Bitcoin), 24th place in the rating of cryptocurrencies and having a capitalization of $208 million, about the identification of two double spend attacks. To carry out the double spending, the attacker needed to gain access to computing power, which is at least 51% of the total hash calculation power available in the Bitcoin Gold network.
The attacks on Bitcoin Gold took place on January 23 and 24 and to the successful secondary accrual of 1900 and 5267 BTG on the exchange, which at today's rate is approximately $85430. Whether the attackers were able to extract these funds from the exchange is unknown (it is assumed that monitoring systems for suspicious transactions should have blocked the withdrawal of funds). To prevent similar attacks in the future, during the first quarter of 2020, Bitcoin Gold plans to introduce a new algorithm based on decentralized consensus building.
Given the current state of the Bitcoin Gold blockchain, the theoretical cost of conducting such an attack crypto51 service at $785 (for comparison, the estimated cost of such an attack on Bitcoin is $704). According to preliminary data, the computing power for the attack was purchased in the service , and the cost per attack was approximately $1700 when renting capacity on NiceHash.
The essence of the double spending attack is that after sending the funds for exchange, the attacker waits until enough confirmation blocks are accumulated for the first transaction with the transfer, and the exchange considers the transfer completed. Then the attacker, taking advantage of the prevailing computing power, transfers to the network an alternative blockchain branch with a conflicting transaction and a larger number of confirmed blocks. Since, in the event of a branch conflict, a longer branch is recognized as the main one, the alternative branch prepared by the attacker was accepted by the network as the main one (i.e., the exchange sends funds, but the transfer is not recorded to it, and, according to the state of the current blockchain, the original funds remain with the attacker).
Source: opennet.ru