Ethereum Classic [ETC] 51% Attack: Hacker Returns $100K

Last week, Smartereum reported that the Ethereum Classic [ETC] witnessed some block reorganization, a major indication of a 51% percent attack.

Cryptocurrency exchange, has now said that the attacker has returned $100,000 worth of Ethereum Classic [ETC] tokens to it after the attack.

In the statement released on Saturday Jan 12. explained that it noticed the refund on Thursday Jan. 10 but the attacker refused to respond to efforts they made to contact.

What was behind the 51% ETC Attack?

It is still unclear what the reason behind last week’s attack was. However the return of the $100,000 worth of ETC money raises the suggestion that it could have been a white hat operation probably to raise awareness of the risks and vulnerability of cryptocurrency.

U.S.-based cryptocurrency exchange Coinbase, in a statement on its website stated that it noticed double spends of 219,500 ETC tokens (amounting to about $1.1M in value). Going by this estimation, the tokens returned by the attacker(s) represents only a fraction of the entire tokens lost.

Similarly, had written to its customers at the time of the attack to confirm losses due to the attack. According to the statement, it detected 7 rollback transactions worth 54,200 ETC (about $200,000) connected to four addresses which believed to be used by the attackers.

“We still don’t know the reason,” explained in its latest statement:

“If the attacker didn’t run it for profit, he might be a white hacker who wanted to remind people of the risks in blockchain consensus and hashing power security.”

Precautions Against 51% Attacks

The decentralization of a blockchain is the basic precaution against a single entity taking over a blockchain to reorganize its data as is the case with 51 percent attacks. But when the hash rate is weak, it becomes easier for a malicious actor to rent enough hash power and overtake the network. This explains why most successful 51 percent attacks have been on smaller altcoins with relatively small hash powers.

Exchanges can suspend activity on a token if it notices the attack to prevent its users from losing funds just like Coinbase and other exchanges did. explained that it was keeping an eye out for a repeat of the attack.

“Based on our analysis, the hashing power of ETC network is still not strong enough and it’s still possible to rent enough hashing power to launch another 51% attack,” the exchange explained noting that it raised the confirmation number for ETC to 4000. The team said it has also launched a strict 51% detect to better protect its customers.

What Next After the Attack

SlowMist, the blockchain security firm which first identified the attack and are working with the Ethereum Classic team, released its analysis of the attack. It identified several addresses connected with the doublespend addresses that were connected with the attack while it promised to work towards uncovering the attacker(s).

 The authors wrote:

“We have the first time to add these malicious wallet address and malicious associated address to BTI and made available to partners to prevent an attacker from further attack other exchanges. And provide intelligence to partners to prevent attackers from further attacking other exchanges.”

While advising crypto operators to block the flagged addresses, they advised them to “strengthen the risk control, maintain a high degree of attention, and be alert to double spend attacks that may erupt at any time.”

Ethereum Classic (ETC) Price Watch

The price of Ethereum Classic [ETC] went down with the rest of the crypto market today. It is currently trading at $4.28 which is about 5 percent down from the last 24 hours. The trade volume in the last 24 hours is just over $120,000 where it has been since the event.

Solomon Sunny is the market reporter for Smartereum, one of the global leaders in Ethereum, blockchain and currency news. He produces technical price updates on digital currencies and writes recent developments about blockchain.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.