Privacy Coin Verge Has Its Twitter Hacked and Developer Doxed
Verge, a cryptocurrency that advocates “advanced privacy as a choice”, had its Twitter account hacked on Tuesday and its developer’s private details shared. The attacker then bragged about the feat to the account’s 265,000 followers and attempted to scam them out of verge (XVG) cryptocurrency. By the time the account had been restored, the price of XVG had dipped in value, and it remains 5% lower against BTC today.
Also read: EOS, Cardano and Tezos: Sleeping Giants Starting to Stir
Verge Developer Sheds Some Privacy
Twitter account hijackings, while relatively uncommon, can happen to even the largest of accounts. They’ve happened to celebs, and in the crypto space they’ve happened to smaller players like Etherdelta and now Verge. When the XVG team regained access to their account, some hours after the hack, they instantly blamed AT&T, implying that the network had allowed itself to be socially engineered and the account ported over via SIM swap. This would be less embarrassing than if it were to emerge, for instance, that the project lead had failed to use 2FA.
After the hack had occurred, the compromised Verge account sent out the following message:
It’s impossible to verify the claim that 1 billion XVG (or about 6% of the total supply) were stolen, though it seems unlikely. For one reason, if the account’s new owner was sitting on that much crypto, they’d have had no need to send out their next tweet, begging followers to send a little XVG to “receive more back”. The attacker seems to have just been having some fun in a community famed for its intolerance of negativity towards Verge.
Not FUD, Just News
XVG lead developer Justin was the target of the hack, which led to his personal account, as well as the official Verge account, being compromised, and his photo ID published. The Verge family were quick to suggest that the attacker acted because they had felt “threatened” by the altcoin’s ascendancy. They also blamed Twitter for the hack, in between asserting, perhaps in jest, that verge was “the real bitcoin”.
While Verge’s Twitter account hasn’t had much luck with security, it’s fared better at developing a passionate and single-minded community. Once back in charge of its own account, Verge went on to retweet messages of support, including one which referred to “continuous attacks and FUD from those wanting to do harm to the coin”. In this case, the only harm seems to have been a loss of face for the lead developer, and perhaps a few XVG to anyone who was dumb enough to send money to the wallet address provided by the hacker. At least one community member shared the offending tweet in a Verge Telegram group, under the impression that the giveaway was real.
This particular incident hasn’t ended badly, assuming no coins were stolen and it was only a Twitter account that was temporarily taken. The case serves as a reminder, though, to everyone in crypto to use 2FA and be alert to signs of SIM swapping and other forms of social engineering.