Coinbase suspends Ethereum Classic trading after attack

8 Jan 2019

Image: © macondos/Stock.adobe.com

Attackers have stolen almost $500,000 worth of the Ethereum Classic digital currency through an intensive operation.

One of the world’s leading cryptocurrency exchanges, Coinbase, yesterday (7 January) announced that it was suspending trading on Ethereum Classic (ETC), a digital currency it added to its catalogue in August 2018.

A problem with the ETC blockchain

According to Mark Nesbitt, security engineer at Coinbase, a “deep chain reorganisation” of the Ethereum Classic blockchain was identified. In short, this means that someone controlling miners on the network had edited the transaction history on the blockchain.

This editing can allow for “double spending”, essentially allowing the attackers to recover previously spent coins and transfer those to a new entity. This had been occurring on the ETC blockchain since 5 January. A total of 11 double-spend attacks have taken place, amounting to close to 88,500 ETC (approximately $460,000).

How does it work?

Nesbitt said: “The function of mining is to add transactions to the universal, shared transaction history, known as the blockchain. This is done by producing blocks, which are bundles of transactions, and defining the canonical history of transactions as the longest chain of blocks.

“If a single miner has more resources than the entirety of the rest of the network, this miner could pick an arbitrary previous block from which to extend an alternative block history, eventually outpacing the block history produced by the rest of the network and defining a new canonical transaction history.

“This is called a ‘chain reorganisation’, or ‘reorg’ for short. All reorgs have a ‘depth’, which is the number of blocks that were replaced, and a ‘length’, which is the number of new blocks that did the replacing.”

Ethereum experts speculate

Some experts are suggesting the event is something called a ‘51pc attack’, which basically means that anyone who controls more than half of the mining power has the ability to rewrite transaction history.

Others are speculating that higher-powered new miners are to blame, among other possible causes. ETC was created in August 2016 and was one of the first forks of the more established Ether.

Other digital currency exchanges have moved to increase the number of confirmations needed to process an ETC transaction, but Coinbase has chosen to freeze customer accounts containing ETC.

Updated, 11.34am, 8 January 2019: This article was updated to clarify that the attackers have stolen almost $500,000 (approximately $460,000) worth of the Ethereum Classic currency.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com