Bitcoin Gold (BTG) appears to be the target of a 51 percent attack, leading to the theft of approximately $17.5 million from cryptocurrency exchanges.
Traders of the coin, established in 2017 through a hard fork of the main Bitcoin (BTC) network, have been tracing the attack since last week.
Scrutiny of unusual activity on the network has revealed the scheme, in which "double spending" attacks have been launched against cryptocurrency exchanges trading the virtual currency.
According to the Bitcoin Gold team, exchanges rather than individual users have been targeted.
The first attack was recorded on 16 May and have now appeared to have ceased.
"An unknown party with access to very large amounts of hashpower is trying to use "51 percent attacks" to perform "double spend" attacks to steal money from exchanges," the team says. "We have been advising all exchanges to increase confirmations and carefully review large deposits. There is no risk to typical users or to existing funds being held."
51 percent attacks force reorganization in the blockchain. While not the result of a security flaw or vulnerabilities, the attack can -- theoretically -- be launched against any blockchain.
If a threat actor manages to wrestle control of over 50 percent of a network's computing power, they are able to both modify and exclude transactions of their own coins from blocks.
Attackers are then able to double spend, in which transactions are reversed after being confirmed, as well as prevent all other miners on a network from mining valid blocks.
Launching these types of attacks can be expensive and due to the vast computing power required, the only way they are made profitable is to attempt large double spend transactions -- and this, in turn, pivots attacks towards cryptocurrency exchanges.
The wallet address connected to the 51 percent scheme has received 388,201 BTG, which is worth approximately $17.5 million at the time of writing.
The majority of the funds have been moved to other addresses and only roughly 12,000 BTG remains in the account.
"One of the targeted exchanges reported that they strongly believe this attacker attempted to hit them with a double-spend of BTC in the past," the Bitcoin Gold team says. "In their words, "we are 100 percent sure that it is the same person, we found many associations between the accounts."
In response to the threat actor's attacks, a number of cryptocurrency exchanges have ramped up the number of confirmations they require to accept large transactions.
The Bitcoin Gold team says that a major upgrade planned for the end of June -- now being pushed to take place as soon as possible -- will eradicate the use of ASIC hardware to mine BTG.
ASIC systems are expected to ship at approximately the same time and have the potential to cause an imbalance to existing miners, and therefore, the team is tampering with the BTG algorithm to prevent this from occurring.
The organization says that the change in algorithm and a new fork will also reduce the risk of 51 percent attacks in the future.
See also: Brutal cryptocurrency mining malware crashes your PC when discovered
"We've been working at an incredible pace the past days to put the plan and pieces together, and we expect to upgrade our mainnet approximately seven days after the necessary software is up and running on our testnet," the team says. "[...] While it would be better to give all our partners more than seven days to test and deploy to avoid disruption, these attacks have already forced disruption on us all, so we feel it's best to get the upgrade completed as soon as we possibly can."
According to the Anti-Phishing Working Group, recent estimates suggest that since 2017, cyberattackers have managed to steal $1.2 billion in cryptocurrencies from exchanges, Initial Coin Offerings (ICOs), wallets, and more.
A similar attack method has recently been employed against Verge, a cryptocurrency offering which claims to bring back the anonymity once associated with cryptocurrency as a whole.
Earlier this week, reports surfaced which claimed that a threat actor has been able to successfully launch a 51 percent attack on the Verge blockchain, leading to the theft of approximately 35 million Verge coins (XVG), worth over $1.7 million.