Ethereum Classic has suffered a second 51% attack in a week Thursday morning after more than 4,000 blocks were reorganized.
Mining pool Ethermine’s parent entity Bitfly and exchange Binance reported the reorganization, announcing all Ethereum Classic payouts, withdrawals and deposits had been suspended due to the attack. It’s unclear how much the attacker has made.
The reorganized transaction history is currently the longest chain on the network. However, the majority of Ethereum Classic miners such as mining pool Ethermine are continuing to mine on the shorter version of the network meaning it accepted the history of the network.
Developers behind Ethereum Classic said in a tweet minutes before Bitfly’s report that exchanges and mining pools are advised to “significantly raise confirmation times on all deposits and incoming transactions” in light of “recent network attacks.”
A chain re-org occurs when a party gains more hashing power than the rest of the network miners. The adversary can then rewrite the chain’s history and “double-spend” the blockchain’s native currency (in this case, ETC). Hashing power on Ethereum Classic looks to have decreased considerably since Monday, August 3 dropping nearly 20% from 1.6 TH/s to 1.3 TH/s as of press time.
This fresh attack to Ethereum Classic’s network follows on from a recent attack that occurred between July 29 and August 1, according to blockchain analytics firm Bitquery that looked at the evidence on Wednesday.
While Ethereum Classic developers initially said the network did not suffer from a reorganization or a 51% attack in that previous attack, Bitquery said Wednesday that an attacker double-spent a little over 800,000 ETC (about $5.6 million), and paid about 17.5 BTC ($204,000) to acquire the hash power for the attack.
The monetary value of Thursday’s 51% attack in terms of the double spends is not yet known. However, at $23.44 per block reward on Ethereum Classic the attacker has most likely earned $93,760 from block rewards alone.
The attack follows the deprecation of the OpenEthereum client on July 16. Nearly half of the network’s nodes – including important mining and exchange connections – operated on OpenEtheruem software which became immediately outdated following the first chain re-org July 31.
Ethereum Classic developers have urged node operators to switch to Besu or Multi-geth implementations as soon as possible.
Ethereum Classic’s price was $7.03 as of press time, down less than 1% over 24 hours.
Not the first
The network has suffered major reorg attacks at least twice in the last two years.
Ethereum Classic Labs CEO Terry Culver initially said this past weekend’s incident was not an attack, but the result of an accident where a miner went offline for several hours.
Bitquery refuted Culver’s initial claim the event was the result of an offline miner losing internet access “for a while” whilst mining.
Bitquery’s argument chafed against Ethereum Classic Labs’, with Bitquery stating the attacker withdrew more than 807,000 ETC from a Crypto exchange and sent it to several wallets between July 29-31.
According to Bitquery, the attacker then started mining blocks after purchasing the hash power from Nicehash provider daggerhashimoto.
On July 31, the attacker sent money to their own wallet address via private transactions and then implemented the transactions into the blocks they were mining.
The attacker then sent back money to a crypto exchange, which Bitquery alleges belongs to Malta-based OKEx, and cashed out to U.S. dollars or bitcoin by splitting up operations to avoid detection.
By August 1 the attacker published their blocks with an instance of the transaction created from the private transactions and then performed a chain re-org.
According to Bitquery, it took over 12 hours of executing transactions between exchanges and wallets the hacker owned over a non-reorged chain.
As of press time, none of the funds compromised in the 51% attack have moved from the OKEx exchange, according to Bitquery.
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.