link1617 link1618 link1619 link1620 link1621 link1622 link1623 link1624 link1625 link1626 link1627 link1628 link1629 link1630 link1631 link1632 link1633 link1634 link1635 link1636 link1637 link1638 link1639 link1640 link1641 link1642 link1643 link1644 link1645 link1646 link1647 link1648 link1649 link1650 link1651 link1652 link1653 link1654 link1655 link1656 link1657 link1658 link1659 link1660 link1661 link1662 link1663 link1664 link1665 link1666 link1667 link1668 link1669 link1670 link1671 link1672 link1673 link1674 link1675 link1676 link1677 link1678 link1679 link1680 link1681 link1682 link1683 link1684 link1685 link1686 link1687 link1688 link1689 link1690 link1691 link1692 link1693 link1694 link1695 link1696 link1697 link1698 link1699 link1700 link1701 link1702 link1703 link1704 link1705 link1706 link1707 link1708 link1709 link1710 link1711 link1712 link1713 link1714 link1715 link1716 link1717 link1718 link1719 link1720 link1721 link1722 link1723 link1724 link1725 link1726 link1727 link1728 link1729 link1730 link1731 link1732 link1733 link1734 link1735 link1736 link1737 link1738 link1739 link1740 link1741 link1742 link1743 link1744 link1745 link1746 link1747 link1748 link1749 link1750 link1751 link1752 link1753 link1754 link1755 link1756 link1757 link1758 link1759 link1760 link1761 link1762 link1763

Hacker swiped 17 million in second Ethereum Classic attack A near identical double-spend attack on the Ethereum Classic blockchain to one just days ago has seen almost 17 million stolen from exchanges

Hacker swiped $1.7 million in second Ethereum Classic attack.

A near identical double-spend attack on the Ethereum Classic blockchain to one just days ago has seen almost $1.7 million stolen from exchanges.

In brief

  • The ETC 51% attacker is at it again, this time draining nearly $1.7 million from Bitfinex and a second unidentified exchange.
  • The second attack was nearly identical to the first, perpetrated just days earlier.
  • Ethereum Classic Labs is pursuing legal action against the attacker.

The Ethereum Classic attacker has made off again with yet more millions.

That fact was revealed today in a follow-up analysis performed by blockchain intelligence firm Bitquery. It shows how more than 465,000 ETC were allocated for a potential double-spend attack against exchanges, with nearly $1.7 million worth successfully converted out of the vulnerable currency and into other digital assets. 

 

Become a Certified Blockchain Developer in our 11-week Online Bootcamp

ConsenSys’ flagship online developer bootcamp now open for registration! 1-on-1 mentorship and training from the best in the industry. Join today!

The second attack, which occurred yesterday, nearly identically resembles the 51% attack from last week, in a bold show of disregard for the potential consequences that come with such a large and, subsequently, well-documented heist.

The Bitquery analysis finds that the attacker employed the same methodology as the earlier July 31 attack, including the purchase of hash power from Nicehash provider daggerhashimoto.

The only notable change was the source of ETC sent to exchanges in transactions that were later overwritten; this time, those funds came from wallets that received funds in the previous attack, instead of moving ETC off of exchanges to be able to send them back later.

 

The attacker was able to successfully spend approximately 143,000 ETC on an exchange identified as Bitfinex worth an estimated $1 million. A second exchange Bitquery was unable to identify was also attacked for about $680,000. The exploit, during which the attacker sent ETC to the exchanges while mining their own blocks to “delete” those transactions later, lasted about 15 hours in total.

Following the 51% attacks and analysis that confirmed the amounts stolen and multiple addresses associated with the attacker, Ethereum Classic Labs enlisted the help of law firm Kobre and Kim and blockchain forensics firm CipherTrace to bring the offender to justice. CipherTrace CEO Dave Jevans indicated that both the theft of exchange funds and the violation of the integrity of the Ethereum Classic blockchain itself were grounds for legal action. By Alexander Behrens