Cryptocurrency exchange OKEx recently detected a deep chain reorganization of the Ethereum Classic blockchain that had a double-spend issue. The exchange might suspend Ethereum Classic after losses emerged from 51% attacks.
Stopping interactions with Ethereum Classic
OKEx claimed to more than $1.7 billion of crypto trading volume in the last 24 hours. The exchange said that it would cease interactions with the Ethereum Classic (ETC) blockchain. Because of the deep chain reorganization of the blockchain, the exchange lost about $5.6 million in cryptocurrencies. The blockchain went through a double spend remedy. The ETC community went through a stroke of panic earlier this month after the original Ethereum network went through a 51% attack.
In a Saturday blog post, OKEx noted that it made a full analysis of the blockchain. It also examined the addressed that sent the double-spend transactions. It also checked the history of sends/receives from the addresses, checked the timestamp, and also looking into the subsequent movement of the miner rewards from the attack blocks. This effort from the threat actors that were behind these attacks.
What did OKEx find?
According to OKEx, the attacker registered five accounts back in late June. All the accounts passed through the KYC protocols and were able to increase their withdrawal limits. Towards the end of July, the new accounts deposited 68,230.02 ZEC into his OKEx accounts in multiple transactions. He then converted the full amount into ETC and deposited it in the spot market of the exchange.
The attacker then withdrew the newly bought ETC from its OKEx accounts to multiple external addresses on the blockchain. The total withdrawal amount was 807,260 ETC, which was worth approximately $5.6 million at the time.
The analysis reads,
“On July 31, after trading ZEC for ETC on OKEx and then withdrawing the ETC to external addresses, the attacker(s) began the 51% attack of Ethereum Classic’s blockchain in full. The whole operation can be broken into three stages: 1) the creation of a “shadow chain” or a secret, alternate chain to ETC’s mainnet, 2) the actual double-spend and 3) the deep chain reorganization that resulted in losses to OKEx.”
It also states that an unknown attacker rolled back and modified transactions on the network in order to create a shadow chain. The loss had to be born fully by OKEx according to its user-protection policy. Therefore, none of the users were harmed in the process.