Ethereum Classic has suffered its second 51% attack in a week after more than 4,000 blocks were reorganized Thursday morning.
The reorganized transaction history is currently the longest chain on the network. However, the majority of Ethereum Classic miners – such as mining pool Ethermine – are continuing to mine on the shorter version of the network.
Developers behind Ethereum Classic said in a tweet minutes before Bitfly’s report that exchanges and mining pools are advised to “significantly raise confirmation times on all deposits and incoming transactions” in light of “recent network attacks.”
A chain reorg occurs when a party gains more hashing power than the rest of the network miners. The adversary can then rewrite the chain's history and “double-spend” the blockchain’s native currency (in this case, ETC). Hashing power on Ethereum Classic looks to have decreased considerably since Monday, August 3 dropping nearly 20% from 1.6 TH/s to 1.3 TH/s as of press time.
This fresh attack to Ethereum Classic’s network follows on from a recent attack that occurred between July 29 and Aug. 1, according to blockchain analytics firm Bitquery.
While Ethereum Classic developers initially said the network did not suffer from a reorganization or a 51% attack in that previous attack, Bitquery said Wednesday that an attacker double-spent a little over 800,000 ETC (about $5.6 million), and paid about 17.5 BTC ($204,000) to acquire the hash power for the attack.
The monetary value of Thursday’s 51% attack in terms of the double spends is not yet known. However, at $23.44 per block reward on Ethereum Classic, the attacker has most likely earned $93,760 from block rewards alone.
The attack follows the deprecation of the OpenEthereum client on July 16. Nearly half of the network’s nodes – including important mining and exchange connections – operated on OpenEthereum software which became immediately outdated following the first chain reorg on July 31.
Ethereum Classic developers have urged node operators to switch to Besu or Core-geth implementations as soon as possible.
Not the first
The network has suffered major reorg attacks at least twice in the last two years.
In the more recent attack, the perpetrator moved more than 807,000 ETC from an unspecified crypto exchange to several wallets between July 29-31, according to Bitquery.
The attacker then started mining blocks after purchasing the hash power from a user on cryptocurrency mining platform Nicehash.
On July 31, the attacker sent money to their own wallet address via private transactions and then implemented the transactions into the blocks they were mining.
The attacker then sent back money to a crypto exchange, which Bitquery alleges belongs to Malta-based OKEx.
By August 1 the attacker published their blocks and initiated the chain reorg.
As of press time, none of the funds compromised in the 51% attack have moved from the OKEx exchange, according to Bitquery.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.