The crypto exchange OKEx has released a report explaining how the Ethereum Classic 51% attacker stole $5.6 million from the digital currency exchange on August 1. According to the report, the attacker had been planning the attack since late June. From June 26 to July 9, the attacker reportedly created five accounts on OKEx, laying the groundwork for their upcoming attack. Then, from July 30 to July 31, the attacker deposited 68,230.02 ZEC across their five newly registered accounts and later in the day on July 31, the attacker exchanged their ZEC for 807,260 ETC (worth $5.6 million at the time of action) and subsequently deposited their ETC to an external wallet address.
Attackers controlled 51% of the Ethereum Classic network.
The attacker allegedly purchased enough hash power from Nicehash provider Daggerhashimoto so that they could control 51% of the Ethereum Classic network. When hackers controlled more than 51% of the hash on the network, the attacker began to “shadow mine” the ETC blockchain. The hacker was mining the ETC blockchain, but not broadcasting the blocks that they mined to other miners. With the shadow chain being mined but not publicized, the attacker sent their 807,260 ETC back to OKEx, traded all of the ETC for 78,941.356 ZEC, and immediately withdrew their ZEC to an external wallet causing $5.6 million worth damage.
The crypto exchange would not be delisting ETC despite the hack.
After the attack, OKEx blacklisted all of the addresses associated with the attacker and suspended the attacker’s five OKEx accounts. The crypto exchange has suspended all ETC deposits and withdrawals until the ETC network is considered stable, and plans to increase the confirmation time for ETC transactions in the near future to reduce the size of the attack vector that allowed the ETC 51% attacker to get away successfully. The CEO of OKEx Jay Hao tweeted that they won’t be rushing into delisting ETC due to its popularity and standing. Crypto scams have have surged amid the pandemic all over the world.