In brief

  • The ETC 51% attacker is at it again, this time draining nearly $1.7 million from Bitfinex and a second unidentified exchange.
  • The second attack was nearly identical to the first, perpetrated just days earlier.
  • Ethereum Classic Labs is pursuing legal action against the attacker.

The Ethereum Classic attacker has made off again with yet more millions.

That fact was revealed today in a follow-up analysis performed by blockchain intelligence firm Bitquery. It shows how more than 465,000 ETC were allocated for a potential double-spend attack against exchanges, with nearly $1.7 million worth successfully converted out of the vulnerable currency and into other digital assets. 

The second attack, which occurred yesterday, nearly identically resembles the 51% attack from last week, in a bold show of disregard for the potential consequences that come with such a large and, subsequently, well-documented heist.


The Bitquery analysis finds that the attacker employed the same methodology as the earlier July 31 attack, including the purchase of hash power from Nicehash provider daggerhashimoto.

The only notable change was the source of ETC sent to exchanges in transactions that were later overwritten; this time, those funds came from wallets that received funds in the previous attack, instead of moving ETC off of exchanges to be able to send them back later.

The attacker was able to successfully spend approximately 143,000 ETC on an exchange identified as Bitfinex worth an estimated $1 million. A second exchange Bitquery was unable to identify was also attacked for about $680,000. The exploit, during which the attacker sent ETC to the exchanges while mining their own blocks to “delete” those transactions later, lasted about 15 hours in total.

Following the 51% attacks and analysis that confirmed the amounts stolen and multiple addresses associated with the attacker, Ethereum Classic Labs enlisted the help of law firm Kobre and Kim and blockchain forensics firm CipherTrace to bring the offender to justice. CipherTrace CEO Dave Jevans indicated that both the theft of exchange funds and the violation of the integrity of the Ethereum Classic blockchain itself were grounds for legal action.


Given the magnitude of theft associated with the recent ETC 51% attacks and the apparent repeatability of the exploit, many, including Ethereum creator Vitalik Buterin are beginning to seriously question the security decisions of the ETC community, suggesting the risk of a shift to proof-of-stake consensus hardly seems greater than the risk of continued attacks.

With millions flowing out the door seemingly every other day, it’s hard to argue substantial changes aren’t needed, and fast.

Stay on top of crypto news, get daily updates in your inbox.