Ethereum Classic experienced a vicious 51 percent attack that allowed attackers to conduct eleven deep chain reorganizations and double-spend 88,500 ETC, worth over $400,000. In response to the attack, the price of ETC has plummeted and services using the cryptocurrency have halted.
On Jan. 5th at 13:27 UTC, Ethereum Classic was reorganized at block 7245623, and over the course of the next three days the intensity of these attacks increased as the cryptocurrency’s immutability was violated.
Coinbase detected eleven distinct deep chain reorganizations, nine of which facilitated double-spends. Based on the exchange’s estimates, the attackers were able to double-spend 88,500 ETC, worth over $400,000.
That said, the price of ETC is rapidly dropping in response to the attack, losing 10 percent of its value in the last 24 hours. Over the course of the attack, Ethereum Classic went from $5.50 to $4.90 per coin.
The attacker has been identified. Within the last day, the attack stopped on Jan. 7th, at 05:30 UTC when the attacker’s control of total mining power fell below 50 percent, but the situation may be temporary:
If the attacker is able to regain over 50 percent of the network’s mining power, then the attacks may once again continue.
51 Percent Attacks and Reorganizations Explained
An attack can occur when one miner is able to amass 50 percent of the hashing power, allowing that miner to ‘outvote’ honest miners. This means that the attacker could statistically maintain the longest chain and determine which transactions to include on the blockchain.
This invalidates one of the issues the blockchain solves under normal conditions—double spending—where a user spends the same cryptocurrency multiple times.
It is likely that the attacker mined privately for some time before revealing the longer chains. In this case, everything on the Ethereum Classic blockchain would look normal. Then, the miner suddenly goes online and publishes a long string of valid blocks and invalidates a large number of transactions (called a ‘reorganization’ or ‘reorg.’), replacing the old segment of the chain with the attacker’s new segment.
By conducting transactions on the honest chain prior to the attack, and once the attacker’s conflicting transactions on the attacking chain are revealed, the honest transactions are subsequently nullified.
These large scale attacks are typically performed against cryptocurrency exchanges. By depositing coins into an exchange the attacker can trade at-risk Ethereum Classic for Bitcoin or another valuable cryptocurrency. Then, the attacker can revert these transactions to regain the Ethereum Classic.
The attacker can continue to plunder in this fashion so long as they maintain control over 50 percent of the network’s mining capability. To learn more about 51 percent attacks read CryptoSlate’s deep-dive.
The reorganizations emphasize the vulnerability of smaller proof-of-work cryptocurrencies. It is unknown how long Ethereum Classic will endure this attack, but, for the time being, it is recommended that holders halt any transactions with the cryptocurrency to prevent their transactions from being reverted.