Pigeoncoin (PGN), a small-scale, barely traded digital asset, saw a day-long exploit generate almost 25% of the total supply of coins by exploiting the “server inflation bug” inherited from Bitcoin. While Bitcoin, Bitcoin Cash, Litecoin, and other large coins were quick to patch the bug, small projects may be still under threat from the exploit, which can generate an unlimited number of coins.
The Pigeoncoin hack, however, was hardly profitable - at the most, the exploit could have generated $15,000 at market prices. PGN trades at $0.000066 and has negligible trading volumes (around $60,000) on two obscure exchanges.
But the Pigeoncoin hack shows that if exploited, the vulnerability known as CVE-2018-17144 would have had serious repercussions for the largest, best-known cryptocurrency networks. It would have allowed a hacker to crash the nodes of a coin with the flaw and double-spend without any effort to attack mining.
According to Bitcointalk users, the Pigeoncoin hack happened on September 27 and was linked to a user called mrsandman1. The hack is estimated to have created around 235 million additional PGN. Those cannot be removed from the network - they exist as legitimately as all other coins.
Pigeoncoin patched the bug on September 28, and trading resumed on October 2. It is difficult to determine which small coins use the same code and could be exploited in the same way. However, the Pigeoncoin hack could serve as a warning to other projects.
Coinmarketcap puts the total Pigeoncoin supply at 923,065,000, and it seems like the additional 235 million are not reflected yet. Pigeoncoin uses the x16r mining algorithm and is too small to get the attention of ASIC producers. The project aimed to use a blockchain solution to end data collection in social media and achieve digital freedom.