The attackers stole nearly $ 500,000 from the value of the digital currency of Ethereum Classic by making a high-intensity hack that rewrote its blockchain, officials said with Coinbase, a major encrypted currency exchange.
The robbery was the result of carrying out a so-called rollback, which allowed the attackers to reorganize Ethereum's blockchain, said Coinbase's security engineer Mark Nesbitt in a blog post. From there, the attackers were able to "double the expenses" of about 88,500 ETC, which means they were able to recover the previously spent coins and transfer them to a new entity. As a result, the coins were effectively transferred from the legitimate recipients to new entities chosen by the attackers.
"We have observed repeated deep reorganizations of the Ethereum Classic blockchain, most of which contained double expenses," wrote Nesbitt. "The total value of the double spent we have seen so far is 88,500 ETCs (~ $ 460,000)."
Rollback attacks are often referred to as 51% attacks, because in theory they require an attacker to control most of the CPU power that generates a blockchain. This agreement violates a fundamental requirement of any currency based on blockchain: it allows a single entity to write the contents of its shared and universal transaction history.
The function of mining is to add transactions to the shared and universal transaction history, known as blockchain. This is done by producing blocks, which are transaction packages, and by defining the canonical chronology of transactions as the longest chain of blocks. If a single miner has more resources than the entire rest of the network, this miner might choose an arbitrary precedent block from which to extend an alternative block history, eventually overcoming the block history produced by the rest of the network and defining a new chronology of canonical transactions.
This is called in short "reorganization of the chain" or "reorg". All reorgs have a "depth", which is the number of blocks that have been replaced, and a "length", which is the number of new blocks it has replaced.
Said in a different way, a rollback attack generates a new forkchain fork. This causes the nodes to replace the original blockchain with the new one and allows attackers to reverse previous transactions. Reverse attacks require control of a substantial fraction of the total willpower dedicated to the generation of the coin blockchain for a period long enough to be able to launch the attack. Satoshi Nakamoto, creator of Bitcoin, warned of the key limitation in his white paper that introduces digital money.
Coinbase has suspended trading of ETCs after detecting the attack in order to prevent double spending by hitting its users. For their part, ETC officials have confirmed that double expenses are affecting the currency, but they have yet to say anything else.