- The bug, dubbed as CVE-2018-17144, existed in all Bitcoin-based cryptocurrencies, of which Pigeoncoin is one.
- The bug, if exploited, could have allowed attackers to crash the Bitcoin network and print as many coins they wanted.
A hacker has managed to make away with $15,000 worth Pigeoncoin by exploiting an already patched Bitcoin bug. The cybercriminal stole the 235 million tokens of the Pigeoncoin cryptocurrency by exploiting the bug, dubbed as CVE-2018-17144, which also existed in all Bitcoin-based cryptocurrencies, of which Pigeoncoin is one.
The incident came to light after a user of the BitcoinTalk forums noticed some suspicious blockchain activity. It was discovered that the hacker who carried out the attack, goes by the pseudonym ‘mrsandman1’.
The developers of the Pigeoncoin cryptocurrency confirmed the breach, adding that the unknown attacker successfully exploited the bug on September 26, CoinDesk reported.
Although this bitcoin-based bug was discovered and fixed prior to the hack, it seems some coins that used the bitcoin code were also vulnerable to attacks. The attack was made possible because Pigeoncoin failed to patch the bug on time.
CVE-2018-17144 was one of the most critical bugs in the history of the Bitcoin network. If exploited, it could have allowed attackers to perform various malicious activities such as crashing the Bitcoin network and printing as many coins they wanted.
While some cruptocurrencies using the Bitcoin code have patched the bug, there are still few lesser-known coins that need to apply the patch. Until the patch is applied to each of Bitcoin-based cryptocurrencies, the risk to these currencies still remains.
"Copycat currencies are at risk. By definition, there's always a group upstream that knows their vulnerabilities," said Emin Gün Sirer, a cryptocurrency expert.