Cyber Incident Victim: Bitcoin Gold

On May 18, 2018, an unidentified hacker initiated a series of attacks against the Bitcoin Gold (BTG) cryptocurrency network, exploiting its infrastructure through a combination of 51% and double-spend attacks. The attacker deployed a large number of servers to gain control of over half of Bitcoin Gold’s network hashrate, enabling them to manipulate blockchain transaction details. This control allowed the malicious actor to execute double-spend attacks, primarily targeting cryptocurrency exchanges rather than individual users. The attacker deposited substantial amounts of BTG into exchanges while simultaneously redirecting the same funds to their own wallet, exploiting delays in fraud detection systems. By withdrawing funds before exchanges could identify the fraudulent transactions, the attacker effectively doubled their holdings. The Bitcoin Gold team confirmed the attacks originated on May 18 and continued over subsequent days, with the hacker persistently scaling their mining power to maintain network dominance despite countermeasures.

The attacks resulted in the theft of over 388,000 BTG coins, valued at more than $18 million at the time, with stolen funds traced to a specific BTG wallet address. Exchanges responded by increasing transaction confirmation thresholds to detect fraudulent activity, though the attacker adapted by further expanding their mining resources. While individual users were not directly targeted, the attacks destabilized exchanges by creating risks of financial insolvency if the double-spend campaigns persisted. The Bitcoin Gold team publicly disclosed the incident via their forums, providing technical details of the attack methodology and confirming the attacker’s prior attempts to compromise the original Bitcoin network. No additional containment measures or recovery efforts were detailed in the available source material beyond the exchanges’ adaptive confirmation protocols and the network’s ongoing exposure to continued hash rate manipulation.