Hackers allegedly stole over $655,000 (£490,000) worth of Verge cryptocurrency from the CoinPouch wallet this week, which appears to have sparked a blame game between the CoinPouch and Verge about what caused the hack. Both CoinPouch and Verge have confirmed the hack.
However, while CoinPouch blamed the hack on the Verge node, the firm set up to handle Verge transactions for its users, Verge maintains that CoinPouch was hacked because the app “wasn’t secured properly on their side”.
CoinPouch took to Twitter to update users about the incident. The firm said that it had reported the hack to the local authorities, adding that the investigation into the hack “will be hampered due to the current Thanksgiving Holiday in the U.S. which may slow down the efforts of attorneys, forensic labs, and law enforcement authorities involved in this matter”.
CoinPouch said that on 9 November, a user first reported about having his/her funds stolen from the wallet. This led to CoinPouch investigating the incident alongside Verge project lead Justin, who later concluded that the incident “did not look like a hack”. Nevertheless, Justin recommended a few security modifications for CoinPouch’s Verge node.
However, despite following the security recommendations from the Verge team, CoinPouch said that it “started getting additional reports from users stating their Verge wallets in Coinpouch were not working correctly”.
Meanwhile, Verge managed to track down the wallet where all the stolen funds – 126 million Verge coins – still remain. It is unclear why the hackers have not moved the funds elsewhere. “At this moment neither Coinpouch nor Justin, the founder and lead developer of Verge, are clear how the hack occurred,” CoinPouch said in its statement.
This is the second cryptocurrency wallet hack to occur in November. Earlier in the week, hackers stole nearly $30m worth of cryptocurrency from the startup Tether, briefly causing the price of Bitcoin to drop.