Ethereum Classic Hit by 51% Attack Allegedly Worth $460,000
- Rumors of the attack originally began circulating on January 6.

UPDATE 14.1.2019: Gate.io published a more extensive report on the hack claiming that 54,200 ETC in total (worth $271,500 when the hack occured) had been transferred out of the exchange. In a separate statement on Jan. 8, Coinbase claimed that a total of more than $1.1 million in crypto had been affected during the 51% attack.
---------------------------------------
A 51% attack was confirmed to have hit the Ethereum Classic (ETC) network on January 7, by Bitfly, the operator of the Ethereum block explorer, the Ethernodes node explorers, and an Ethereum Classic mining pool.
We can confirm that there was a successful 51% attack on the Ethereum Classic (#ETC) network with multiple 100+ block reorganization. We recommend all services to closely monitored the chain and significantly increase required confirmations.
— Bitfly (@etherchain_org) January 7, 2019
When a 51% attack is successfully executed, hackers gain the ability to “reorganize” a Blockchain Blockchain Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamper with. The Evolution of BlockchainBlockchain was originally invented by an individual or group of people under the name of Satoshi Nakamoto in 2008. The purpose of blockchain was originally to serve as the public transaction ledger of Bitcoin, the world’s first cryptocurrency.In particular, bundles of transaction data, called “blocks”, are added to the ledger in a chronological fashion, forming a “chain.” These blocks include things like date, time, dollar amount, and (in some cases) the public addresses of the sender and the receiver.The computers responsible for upholding a blockchain network are called “nodes.” These nodes carry out the duties necessary to confirm the transactions and add them to the ledger. In exchange for their work, the nodes receive rewards in the form of crypto tokens.By storing data via a peer-to-peer network (P2P), blockchain controls for a wide range of risks that are traditionally inherent with data being held centrally.Of note, P2P blockchain networks lack centralized points of vulnerability. Consequently, hackers cannot exploit these networks via normalized means nor does the network possess a central failure point.In order to hack or alter a blockchain’s ledger, more than half of the nodes must be compromised. Looking ahead, blockchain technology is an area of extensive research across multiple industries, including financial services and payments, among others. Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamper with. The Evolution of BlockchainBlockchain was originally invented by an individual or group of people under the name of Satoshi Nakamoto in 2008. The purpose of blockchain was originally to serve as the public transaction ledger of Bitcoin, the world’s first cryptocurrency.In particular, bundles of transaction data, called “blocks”, are added to the ledger in a chronological fashion, forming a “chain.” These blocks include things like date, time, dollar amount, and (in some cases) the public addresses of the sender and the receiver.The computers responsible for upholding a blockchain network are called “nodes.” These nodes carry out the duties necessary to confirm the transactions and add them to the ledger. In exchange for their work, the nodes receive rewards in the form of crypto tokens.By storing data via a peer-to-peer network (P2P), blockchain controls for a wide range of risks that are traditionally inherent with data being held centrally.Of note, P2P blockchain networks lack centralized points of vulnerability. Consequently, hackers cannot exploit these networks via normalized means nor does the network possess a central failure point.In order to hack or alter a blockchain’s ledger, more than half of the nodes must be compromised. Looking ahead, blockchain technology is an area of extensive research across multiple industries, including financial services and payments, among others. Read this Term or even replace a blockchain with their own version. In addition to a number of other opportunities for malicious behavior that this reorganization or replacement grants to the perpetrators of a 51% attack, hackers can “double spend”--that is, the same coins can be used multiple times in fraudulent transactions.
Rumors of 51% Attack on ETC Originally Appeared January 6
Reports that ETC may have been experiencing a 51% attack originally appeared on January 6 in CoinNess, a Chinese-based coin journal. The publication wrote that transaction rollbacks had triggered an alert for Chinese blockchain security firm SlowMist.
“The ETC community followed up on the development of the incident immediately and learned that there is a private mining pool...that achieves more than 50% of the total network Hash Rate Hash Rate A hash rate is the measure of a cryptocurrency miner’s performance and a key security metric. In the context of mining, the more hashing or computing power in a given network, the greater its security and its overall resistance to attackMining hashrate is a key security metric. The more hashing (computing) power in the network, the greater its security and its overall resistance to attack. Hash rate is also a measurement of the output of a device that is used to add transactions to a blockchain ledgers that run on Proof-of-Work (PoW) algorithms.Hash Rate and Crypto MiningPoW algorithms require the computers that uphold the network and process transactions (called nodes) to solve complex equations in order to reach consensus, or agreement on whether or not a transaction. This process is called mining. Miners are chosen based on which one of them has the most powerful equipment--in other words, the highest hash rate. A hash rate is the measure of a cryptocurrency miner’s performance and a key security metric. In the context of mining, the more hashing or computing power in a given network, the greater its security and its overall resistance to attackMining hashrate is a key security metric. The more hashing (computing) power in the network, the greater its security and its overall resistance to attack. Hash rate is also a measurement of the output of a device that is used to add transactions to a blockchain ledgers that run on Proof-of-Work (PoW) algorithms.Hash Rate and Crypto MiningPoW algorithms require the computers that uphold the network and process transactions (called nodes) to solve complex equations in order to reach consensus, or agreement on whether or not a transaction. This process is called mining. Miners are chosen based on which one of them has the most powerful equipment--in other words, the highest hash rate. Read this Term at certain times,” the report read.
Ethereum Classic itself responded to the report with a Twitter post claiming that the ETC network was “operating normally.”
There have been rumors of a possible chain reorganization or double spend attack.
From what we can tell the ETC network is operating normally. BlockScout's "Reorg" section shows nothing of the sort.https://t.co/Yi2cXusCz9 pic.twitter.com/HdUtS0DJZK — Ethereum Classic (@eth_classic) January 6, 2019
However, the ETC team changed its tune less than eight hours later with another tweet imploring “all exchanges and mining pools” to “please allow a significantly higher confirmation time on withdrawals and deposits (+400).”
To all exchanges and mining pools please allow a significantly higher confirmation time on withdrawals and deposits (+400)
cc @OKEx @ExchangeXGroup @HuobiGroup @digifinex @binance @bitfinex https://t.co/m5cxcKBVXa — Ethereum Classic (@eth_classic) January 7, 2019
Then, without expressly confirming that the attack had taken place, the ETC team then retweeted the original CoinNess article.
At the time of writing, the attack appeared to have subsided--ETHNews reported that the ETC address that is suspected to be associated with the attack has been “silent” since it mined block #7,256,171 nearly twenty-four hours ago.
However, some controversy arose around the attack when US-based crypto exchange Coinbase came forward and said that it noticed a “deep chain reorganization of the Ethereum Classic blockchain that included a double spend” on Saturday, January 5th, a full day before the CoinNess report.
Ethereum Classic responded to the report with a tweet saying that “unfortunately [Coinbase] did not connect with ETC personnel regarding the attack.”
Regarding @coinbase account of recent events: they allegedly detected double spends but unfortunately did not connect with ETC personnel regarding the attack. This is still very much an ongoing process. https://t.co/in1OGdV8T9
— Ethereum Classic (@eth_classic) January 7, 2019
Coinbase’s report on the 51% attack was posted on the company’s Medium blog on January 7. Coinbase Security Engineer Mark Nesbitt, who authored the post, wrote that Coinbase detected "a deep chain reorganization of the Ethereum Classic blockchain that included a double spend" on January 5. The post claims that since then, there have been at least eight more chain reorganizations worth around $460,000.
Exchanges React to Attack
A number of exchanges and other platforms that interact with ETC have taken precautionary steps to ensure that their users and the ETC community isn’t negatively affected by the attack. Among them, Bitfly has reportedly increased block confirmations on its mining pool.
US-based crypto exchange Kraken wrote in a post that “as the 51% attack appears to be ongoing, we have temporarily halted ETC deposits and withdrawals,” adding that “[we] will bring ETC funding back online only once we believe it is safe to do so.” Originally, the exchange increased the level of transaction confirmations necessary for ETC transactions from 120 to 500 to prevent false transactions.
Crypto exchange Gate.io posted on its website that although “Gate.io's censor successfully blocked attacker's transactions at the beginning and submitted them to the manual exam,” the censor did pass some false transactions, causing about $40,000 in losses.
“Gate.io will take all the loss for the users,” the post said. Finance Magnates interviewed Gate.io’s Vice President of International Affairs Virgilio Lizardo late in 2018. During the interview, Lizardo said that “Gate sets itself apart by prioritising security and [user] experience.”
At the time of writing, ETC's valuation had sunk roughly seven percent within the last 24 hours to $4.96, according to data from CoinMarketCap.

UPDATE 14.1.2019: Gate.io published a more extensive report on the hack claiming that 54,200 ETC in total (worth $271,500 when the hack occured) had been transferred out of the exchange. In a separate statement on Jan. 8, Coinbase claimed that a total of more than $1.1 million in crypto had been affected during the 51% attack.
---------------------------------------
A 51% attack was confirmed to have hit the Ethereum Classic (ETC) network on January 7, by Bitfly, the operator of the Ethereum block explorer, the Ethernodes node explorers, and an Ethereum Classic mining pool.
We can confirm that there was a successful 51% attack on the Ethereum Classic (#ETC) network with multiple 100+ block reorganization. We recommend all services to closely monitored the chain and significantly increase required confirmations.
— Bitfly (@etherchain_org) January 7, 2019
When a 51% attack is successfully executed, hackers gain the ability to “reorganize” a Blockchain Blockchain Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamper with. The Evolution of BlockchainBlockchain was originally invented by an individual or group of people under the name of Satoshi Nakamoto in 2008. The purpose of blockchain was originally to serve as the public transaction ledger of Bitcoin, the world’s first cryptocurrency.In particular, bundles of transaction data, called “blocks”, are added to the ledger in a chronological fashion, forming a “chain.” These blocks include things like date, time, dollar amount, and (in some cases) the public addresses of the sender and the receiver.The computers responsible for upholding a blockchain network are called “nodes.” These nodes carry out the duties necessary to confirm the transactions and add them to the ledger. In exchange for their work, the nodes receive rewards in the form of crypto tokens.By storing data via a peer-to-peer network (P2P), blockchain controls for a wide range of risks that are traditionally inherent with data being held centrally.Of note, P2P blockchain networks lack centralized points of vulnerability. Consequently, hackers cannot exploit these networks via normalized means nor does the network possess a central failure point.In order to hack or alter a blockchain’s ledger, more than half of the nodes must be compromised. Looking ahead, blockchain technology is an area of extensive research across multiple industries, including financial services and payments, among others. Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamper with. The Evolution of BlockchainBlockchain was originally invented by an individual or group of people under the name of Satoshi Nakamoto in 2008. The purpose of blockchain was originally to serve as the public transaction ledger of Bitcoin, the world’s first cryptocurrency.In particular, bundles of transaction data, called “blocks”, are added to the ledger in a chronological fashion, forming a “chain.” These blocks include things like date, time, dollar amount, and (in some cases) the public addresses of the sender and the receiver.The computers responsible for upholding a blockchain network are called “nodes.” These nodes carry out the duties necessary to confirm the transactions and add them to the ledger. In exchange for their work, the nodes receive rewards in the form of crypto tokens.By storing data via a peer-to-peer network (P2P), blockchain controls for a wide range of risks that are traditionally inherent with data being held centrally.Of note, P2P blockchain networks lack centralized points of vulnerability. Consequently, hackers cannot exploit these networks via normalized means nor does the network possess a central failure point.In order to hack or alter a blockchain’s ledger, more than half of the nodes must be compromised. Looking ahead, blockchain technology is an area of extensive research across multiple industries, including financial services and payments, among others. Read this Term or even replace a blockchain with their own version. In addition to a number of other opportunities for malicious behavior that this reorganization or replacement grants to the perpetrators of a 51% attack, hackers can “double spend”--that is, the same coins can be used multiple times in fraudulent transactions.
Rumors of 51% Attack on ETC Originally Appeared January 6
Reports that ETC may have been experiencing a 51% attack originally appeared on January 6 in CoinNess, a Chinese-based coin journal. The publication wrote that transaction rollbacks had triggered an alert for Chinese blockchain security firm SlowMist.
“The ETC community followed up on the development of the incident immediately and learned that there is a private mining pool...that achieves more than 50% of the total network Hash Rate Hash Rate A hash rate is the measure of a cryptocurrency miner’s performance and a key security metric. In the context of mining, the more hashing or computing power in a given network, the greater its security and its overall resistance to attackMining hashrate is a key security metric. The more hashing (computing) power in the network, the greater its security and its overall resistance to attack. Hash rate is also a measurement of the output of a device that is used to add transactions to a blockchain ledgers that run on Proof-of-Work (PoW) algorithms.Hash Rate and Crypto MiningPoW algorithms require the computers that uphold the network and process transactions (called nodes) to solve complex equations in order to reach consensus, or agreement on whether or not a transaction. This process is called mining. Miners are chosen based on which one of them has the most powerful equipment--in other words, the highest hash rate. A hash rate is the measure of a cryptocurrency miner’s performance and a key security metric. In the context of mining, the more hashing or computing power in a given network, the greater its security and its overall resistance to attackMining hashrate is a key security metric. The more hashing (computing) power in the network, the greater its security and its overall resistance to attack. Hash rate is also a measurement of the output of a device that is used to add transactions to a blockchain ledgers that run on Proof-of-Work (PoW) algorithms.Hash Rate and Crypto MiningPoW algorithms require the computers that uphold the network and process transactions (called nodes) to solve complex equations in order to reach consensus, or agreement on whether or not a transaction. This process is called mining. Miners are chosen based on which one of them has the most powerful equipment--in other words, the highest hash rate. Read this Term at certain times,” the report read.
Ethereum Classic itself responded to the report with a Twitter post claiming that the ETC network was “operating normally.”
There have been rumors of a possible chain reorganization or double spend attack.
From what we can tell the ETC network is operating normally. BlockScout's "Reorg" section shows nothing of the sort.https://t.co/Yi2cXusCz9 pic.twitter.com/HdUtS0DJZK — Ethereum Classic (@eth_classic) January 6, 2019
However, the ETC team changed its tune less than eight hours later with another tweet imploring “all exchanges and mining pools” to “please allow a significantly higher confirmation time on withdrawals and deposits (+400).”
To all exchanges and mining pools please allow a significantly higher confirmation time on withdrawals and deposits (+400)
cc @OKEx @ExchangeXGroup @HuobiGroup @digifinex @binance @bitfinex https://t.co/m5cxcKBVXa — Ethereum Classic (@eth_classic) January 7, 2019
Then, without expressly confirming that the attack had taken place, the ETC team then retweeted the original CoinNess article.
At the time of writing, the attack appeared to have subsided--ETHNews reported that the ETC address that is suspected to be associated with the attack has been “silent” since it mined block #7,256,171 nearly twenty-four hours ago.
However, some controversy arose around the attack when US-based crypto exchange Coinbase came forward and said that it noticed a “deep chain reorganization of the Ethereum Classic blockchain that included a double spend” on Saturday, January 5th, a full day before the CoinNess report.
Ethereum Classic responded to the report with a tweet saying that “unfortunately [Coinbase] did not connect with ETC personnel regarding the attack.”
Regarding @coinbase account of recent events: they allegedly detected double spends but unfortunately did not connect with ETC personnel regarding the attack. This is still very much an ongoing process. https://t.co/in1OGdV8T9
— Ethereum Classic (@eth_classic) January 7, 2019
Coinbase’s report on the 51% attack was posted on the company’s Medium blog on January 7. Coinbase Security Engineer Mark Nesbitt, who authored the post, wrote that Coinbase detected "a deep chain reorganization of the Ethereum Classic blockchain that included a double spend" on January 5. The post claims that since then, there have been at least eight more chain reorganizations worth around $460,000.
Exchanges React to Attack
A number of exchanges and other platforms that interact with ETC have taken precautionary steps to ensure that their users and the ETC community isn’t negatively affected by the attack. Among them, Bitfly has reportedly increased block confirmations on its mining pool.
US-based crypto exchange Kraken wrote in a post that “as the 51% attack appears to be ongoing, we have temporarily halted ETC deposits and withdrawals,” adding that “[we] will bring ETC funding back online only once we believe it is safe to do so.” Originally, the exchange increased the level of transaction confirmations necessary for ETC transactions from 120 to 500 to prevent false transactions.
Crypto exchange Gate.io posted on its website that although “Gate.io's censor successfully blocked attacker's transactions at the beginning and submitted them to the manual exam,” the censor did pass some false transactions, causing about $40,000 in losses.
“Gate.io will take all the loss for the users,” the post said. Finance Magnates interviewed Gate.io’s Vice President of International Affairs Virgilio Lizardo late in 2018. During the interview, Lizardo said that “Gate sets itself apart by prioritising security and [user] experience.”
At the time of writing, ETC's valuation had sunk roughly seven percent within the last 24 hours to $4.96, according to data from CoinMarketCap.
