Hacker swiped $1.7 million in second Ethereum Classic attack

The Ethereum Classic attacker has made off again with yet more millions.

That fact was revealed today in a follow-up analysis performed by blockchainblockchain intelligence firm Bitquery. It shows how more than 465,000 ETC were allocated for a potential double-spend attack against exchanges, with nearly $1.7 million worth successfully converted out of the vulnerable currency and into other digital assets. 

The second attack, which occurred yesterday, nearly identically resembles the 51% attack from last week, in a bold show of disregard for the potential consequences that come with such a large and, subsequently, well-documented heist.

The Bitquery analysis finds that the attacker employed the same methodology as the earlier July 31 attack, including the purchase of hash power from Nicehash provider daggerhashimoto.

The only notable change was the source of ETC sent to exchanges in transactions that were later overwritten; this time, those funds came from walletswallets that received funds in the previous attack, instead of moving ETC off of exchanges to be able to send them back later.

The attacker was able to successfully spend approximately 143,000 ETC on an exchange identified as Bitfinex worth an estimated $1 million. A second exchange Bitquery was unable to identify was also attacked for about $680,000. The exploit, during which the attacker sent ETC to the exchanges while mining their own blocks to “delete” those transactions later, lasted about 15 hours in total.

Following the 51% attacks and analysis that confirmed the amounts stolen and multiple addresses associated with the attacker, Ethereum Classic Labs enlisted the help of law firm Kobre and Kim and blockchain forensics firm CipherTrace to bring the offender to justice. CipherTrace CEO Dave Jevans indicated that both the theft of exchange funds and the violation of the integrity of the Ethereum Classic blockchain itself were grounds for legal action.

Ethereum Classic Labs seeks criminal charges after 51% attacks

Ethereum Classic Labs has enlisted the help of law firm Kobre & Kim LLP and crypto intelligence company CipherTrace to pursue the individuals responsible for the two recent 51% attacks on Ethereum Classic’s blockchain—both technically and legally. “We’ve engaged Kobre & Kim and CipherTrace to assist in the investigation and pursuit of criminal charges against the perpetrators of the recent attacks on ETC,” said Terry Culver, the CEO of ETC Labs, adding, “Together we will cooperate with stakehold...

Given the magnitude of theft associated with the recent ETC 51% attacks and the apparent repeatability of the exploit, many, including EthereumEthereum creator Vitalik Buterin are beginning to seriously question the security decisions of the ETC community, suggesting the risk of a shift to proof-of-stake consensus hardly seems greater than the risk of continued attacks.

With millions flowing out the door seemingly every other day, it’s hard to argue substantial changes aren’t needed, and fast.