Two Attacks on ETC Network Leave Community Needing a Solution, Fast

Published at: Aug. 16, 2020

Ethereum Classic, a 2016 hard fork from Ethereum’s main blockchain, has suffered multiple concerning network attacks over the last two years. Two such attacks occurred within a seven-day span, totaling millions of dollars in losses. With the dust settling from the two 51% attacks, further details are now coming forward, as provided by a number of industry experts.

“There is no debate about the attacks,” ETC Labs CEO Terry Culver told Cointelegraph on Aug. 7, answering a question on whether or not the network difficulties were in fact 51% attacks. “Community members shared the most accurate information available as quickly as possible — while the attack was occurring,” he added. 

Culver mentioned the industry’s emphasis on transparency, although he also noted early evaluations around incidents may not be as accurate as subsequent conclusions, pointing toward the July 31 attack on Ethereum Classic’s network as an example, adding: “You may know your house is on fire, but you don’t always know the cause until the smoke clears.” 

ETC Labs founder James Wo initially said the network manipulation was not a 51% attack in an Aug. 1 tweet. Culver’s comments, however, show updated conclusions after Wo’s early statement, as well as the rationale behind Wo’s initial attack evaluation. 

Two ETC attacks within a week

On Aug. 1, 2020, an initial analysis revealed an Ethereum Classic network reorganization, which was thought to be accidental — the result of a miner’s outdated software coupled with a 12-hour mining hiatus. 

Updated details showed a nefarious party purposely took majority control of Ethereum Classic’s network mining power between July 31 and Aug. 1 in an effort to allow ETC double-spending — essentially printing money. With their efforts proving successful, the perpetrator reportedly pilfered $5.6 million via double-spending from the attack.

Five days later, news came in revealing another 51% attack on the ETC network. A perpetrator conducted a 4,000-block network reorganization. It’s worth noting that the network also faced a separate 51% attack over a year ago in January 2019. 
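How an exchange or node operator could measure a reorganization like the ones described above and see which already-confirmed deposits vanished, as an added example that is not from the article, OKEx or any ETC client. All names, the block data and the `min_conf` confirmation policy are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Block:
    hash: str
    parent: str
    txs: tuple = ()

def chain_from(tip, blocks):
    """Walk parent links from a tip back to the oldest block we know."""
    chain = []
    while tip in blocks:
        chain.append(blocks[tip])
        tip = blocks[tip].parent
    return chain  # newest first

def analyze_reorg(old_tip, new_tip, blocks, watched, min_conf):
    """Compare the chain we had accepted with the one that replaced it."""
    new_chain = chain_from(new_tip, blocks)
    new_hashes = {b.hash for b in new_chain}
    orphaned = []
    for block in chain_from(old_tip, blocks):
        if block.hash in new_hashes:   # common ancestor: fork point found
            break
        orphaned.append(block)
    orphaned_txs = {t for b in orphaned for t in b.txs}
    kept_txs = {t for b in new_chain for t in b.txs}
    # Watched transactions that were confirmed before and no longer exist.
    dropped = sorted((orphaned_txs - kept_txs) & set(watched))
    depth = len(orphaned)
    # A reorg at least as deep as the confirmation policy means deposits
    # already credited could have been reversed, so flag it for a halt.
    return {"depth": depth, "dropped": dropped,
            "halt": depth >= min_conf or bool(dropped)}

def sample_blocks():
    """Constructed data: chain a1..a3 is replaced by a longer chain b1..b4."""
    blocks = [
        Block("g", ""),
        Block("a1", "g", ("dep-1",)), Block("a2", "a1", ("dep-2",)),
        Block("a3", "a2"),
        Block("b1", "g", ("dep-2",)), Block("b2", "b1"),
        Block("b3", "b2"), Block("b4", "b3"),
    ]
    return {b.hash: b for b in blocks}

if __name__ == "__main__":
    print(analyze_reorg("a3", "b4", sample_blocks(), {"dep-1", "dep-2"}, 2))
```

In the sample, `dep-2` is re-included on the replacement chain while `dep-1` is not, which is the signature of a deposit that was credited and then erased.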

As a result, crypto exchange OKEx halted ETC transactions on its platform on Aug. 1 after noticing strange activity involving the asset. OKEx CEO Jay Hao told Cointelegraph that proof-of-work assets, at their core, carry the risk of suffering 51% attacks, citing their decentralization as the reason:

“If it were physically impossible to carry out a 51% attack on a decentralized cryptocurrency either by hash rate or stake, then that cryptocurrency would actually be centralized/permissioned.” 

Hao, however, mentioned that “the cost of doing this to major coins like Bitcoin outweighs the advantages of carrying out an attack,” adding that smaller market cap assets lie in greater danger of such an attack, especially when those assets post lower hash rates. 

The attack between July 31 and Aug. 1 saw a nefarious party gain majority control of the ETC network by renting hash power from a NiceHash broker, a report from Bitquery detailed. The attacker spent $192,000 on hash power, which resulted in a 2,800% profit of approximately $5.6 million from the attack.

Do all public blockchains face risks?

While Hao pointed toward PoW as a vulnerable structural makeup, Culver said public blockchains, in general, all carry attack risks. “We believe that various attacks occur frequently, and most go unreported,” he said. “The ETC attacks are so visible because we believe transparency is a strength and a core value.”

Blockchain technology is also an up-and-coming innovation; it’s still young, making it more vulnerable, Culver added, noting regulation and further industry growth as solutions. Regarding the ETC attacks, Culver said:

“In ETC’s case, it is a growing community and a truly public and decentralized blockchain. Unfortunately, the attackers exploited this at a precise moment when ETC’s hash rate was low.”

The type of attack does not matter

Contrary to the headlines and chatter about 51% attacks, Philip Salter, the head of mining operations at Genesis Mining, asserted that the labels put on the exact type of attacks Ethereum Classic’s network suffered are not that important. “Sure, we can check if anyone got double-spent as a result of the reorgs and if yes, conclude that it must have been an attack,” Salter told Cointelegraph, adding:

“But maybe a double-spend wasn’t the motivation of an attack but instead censorship or reordering of transactions? We will probably never know. The fact is that, malicious or not, there exist, at least for some periods of time, miners with more than 50% of the total ETC hash rate. This is a reason for concern because it reduces trust in the integrity and finality of the blockchain.” 

Ethereum Classic and Ethereum both use the same mining algorithm, increasing ETC’s 51% attack vulnerability, Salter explained, also noting that Bitcoin Cash and Bitcoin SV both use Bitcoin’s algorithm, leaving them in the spotlight for similar attacks. 

Bitcoin Cash’s network reportedly suffered a 51% attack in May 2019, although the effort served as a protective action rather than a nefarious move in that instance. In April 2020, someone could have 51% attacked Bitcoin Cash’s network for just $10,000 worth of borrowed mining power due to the falling hash power following the asset’s reward halving event. On the risks of coins running on shared algorithms, Salter said:

“Attacking ‘little brother’ coins like this is much easier than attacking a coin with its own mining algorithm because large amounts of ‘big brother’ hash rate can be rented from miners through hash rate marketplaces like NiceHash and used to fork the smaller coin.” 

Legal action in play from ETC Labs

Many developments have occurred since the pair of Ethereum Classic network attacks. ETC Labs recently publicized its legal action aimed toward the parties behind the attacks, working in tandem with blockchain analytics firm CipherTrace to uncover those at fault, according to an Aug. 6 statement shared with Cointelegraph. ETC Labs will also work with law firm Kobre & Kim on the case. 

The Ethereum Classic network also received contact from Charles Hoskinson in the days following the attacks, as the Cardano founder looked to lend a hand with the project in light of the attacks. As part of his aid, however, Hoskinson wanted to put a decentralized treasury in play as a method of compensation for any future work done. ETC’s brass denied the offer. 

Positive news, however, came on Aug. 10, as the New York State Department of Financial Services gave its nod of approval for licensed outfits to custody a number of assets, including ETC. Over the last several years, New York has made a name for itself as a strict regulatory region for the crypto industry.

Five days later, further negativity followed the asset. OKEx published an in-depth dive into the ETC network attacks, bringing additional clarity to the scene. The attackers, from the first incident between July 31 and Aug. 1, used OKEx accounts in conjunction with the 51% attack. The report included detailed information around the affair, complete with added intel from members of the crypto community.

OKEx said it has incurred the $5.6 million loss from the attack, keeping true to its user-protection terms. As a result, the report stated that no user funds were lost, since the outfit reimbursed affected accounts. Due to the exchange’s initial actions, neither OKEx customers nor the exchange itself saw any ill impact from the subsequent 51% attack on Aug. 6, according to the report.

“The exchange will consider delisting ETC, pending the results of the Ethereum Classic community’s work to improve the security of its chain,” the report said after noting a number of other precautionary and corrective actions OKEx carried out, as well as planned future measures.

ETC price since July 30, 2020. Source: Coin360.com

Amid the drama, ETC’s price has not suffered a terrible fate. The coin rose about 4%, reaching $8.31 during the 24 hours after the Aug. 1 attack, followed by a drop of roughly 21%, down to $6.50 in the same time period. Since Aug. 2, the asset has returned to the same valuation as prior to the first attack on the network.
