Cloudflare CEO Concerned about Growth of Ransomware Attacks in the Crypto Space

Cloudflare CEO Concerned about Growth of Ransomware Attacks in the Crypto Space

In an interview on CNBC’s ‘Mad Money,’ hosted by Jim Cramer, Cloudflare CEO Matthew Prince called out crypto exchanges stating these firms “are becoming a popular target for cybercriminals.” According to Prince, cryptocurrency exchanges need to focus more on securing customers’ funds to prevent the rising cases of hacks and ransomware attacks.

Explaining the rising number of hacks on cryptocurrency exchanges, Prince said that money is the primary motivation, similar to bank robbers choosing banks.

“The old adage is, Why do bank robbers rob banks? It’s because it’s where the money is.”

“One of the biggest places that cyber attackers are going after right now is the various cryptocurrency exchanges and other cryptocurrency parts of the universe.”

Over the course of the year, the cryptocurrency ecosystem attracted attention to the rising number of ransomware attacks. Chainanalysis reported over $81 million in ransom was paid by victims by May 2021. Notably, the Colonial Pipeline hack in May raised concerns in the industry. The hackers disrupted fuel supply to some parts of the US East Coast, demanding a $5 million ransom – payable in BTC.

In June, Russian ransomware group REvil infiltrated over 200 companies across the globe via software supplier Kaseya, using its technology management software to spread the ransomware via the cloud. The hackers encrypted one of Kaseya’s tools with infected files, paralyzing hundreds of companies. The hackers then demanded a $70 million ransom, paid in BTC, to negotiate about decrypting the files.

These ransomware attacks have caused considerable debate in the crypto security space and the role that blockchain-based digital currencies play in the rising ransomware attacks. Despite the increasing ransom attacks, some crypto analysts believe blockchains actually help authorities track and arrest hackers easier due to the public nature of Bitcoin’s transactions, which are broadcasted on the network.

San Francisco-based Cloudflare is a web security infrastructure provider that protects companies from online attacks. Its key proposition service provides security to companies to prevent distributed denial of service (DDoS) attacks, which are common on crypto exchanges.

O0n the question if Prince would hold his cryptocurrencies on an exchange protected by Cloudflare, he said, “the company is giving a front-row seat to [its consumers] to prevent the evolving cyber threats they face. The company stays ahead of the curve through innovations that prevent any new forms of ransomware and hack attacks from affecting them.

“We’re proud of the fact that we’ve kept the cryptocurrency customers that are ours secure and safe and helped augment the additional protections that they have in place.”

“I’d feel safe using any of the cryptocurrency exchanges that use Cloudflare today.”

Apart from technically dealing with hackers, the US government is also fighting the rising cases of ransomware attacks. In June, the U.S. President’s national security advisor called on the G7 countries to unite and fight against the consistent ransomware attacks on national sites.

In a briefing from the White House press, Jake Sullivan, selected as Joe Biden’s national security advisor, called on the regulation of the cryptocurrency ecosystem as it represents “the core of how these ransomware attacks are carried out.”

Read Original/a>
Author: Lujan Odera

BSV Network ‘Enduring A Series of Block-Reorganisation Attacks’ Sees Hash Rate Crashing Over 52%

BSV Network ‘Enduring A Series of Block-Reorganisation Attacks’ Sees Hash Rate Crashing Over 52%

Due to the 51% attack, which the Bitcoin Association says is currently going on and law enforcement authorities have been reported, Coinbase has halted BSV withdrawals and stopped all BSV trading.

Bitcoin SV has suffered a 51% attack, and crypto exchange Coinbase has halted BSV withdrawals.

“Due to the 51% attack that has occurred on BSV today, we are stopping all BSV trading,” said the exchange late on Tuesday.

On Tuesday morning, the network suffered a 51% attack, according to Lucas Nuzzi, an analyst from the crypto intelligence firm CoinMetrics, who reported confusion across mining pools after the attack.

“Some serious hashing power” was reported to be unleashed on the network in order to take control of more than 50% of the Proof-of-Work (PoW) blockchain.

“FARUM (its blockchain security monitoring tool) has identified a 51% attack today on the BSV network at around 11:45AM EDT,” noted Coin Metrics. “All of our FARUM nodes witnessed a deep reorg with a max depth of 14 blocks. No further reorganization events have been witnessed, but there are still synchronization conflicts taking place on major mining pools.”

Following the attack, Bitcoin Association recommended node operators to mark the fraudulent chain invalid so that nodes can be returned to the chain supported by honest miners and the attacker’s chain is locked out.

In a report on Wednesday, the Bitcoin Association noted that the BSV network is “currently enduring a series of block-reorganisation attacks by a malicious actor attempting to illegally double-spend BSV coins.”

It is believed to be the same attacker that previously initiated block re-organisation attacks against the BSV network on June 24 and then three times the next month.

The Bitcoin Association said it is collecting evidence of the illegal activity and actively working with law enforcement authorities in affected jurisdictions.

Bitcoin SV (BSV) is a hard fork of Bitcoin Cash (BCH) which itself was a hard fork of Bitcoin (BTC). BCH 1.36% Bitcoin Cash / USD BCHUSD $ 548.49
$7.461.36%
Volume 1.79 b Change $7.46 Open $548.49 Circulating 18.81 m Market Cap 10.32 b
6 h $162 Billion Asset Manager Files for a Crypto Basket ETF 10 h BSV Network ‘Enduring A Series of Block-Reorganisation Attacks’ Sees Hash Rate Crashing Over 52% 1 d Investors Took Profits on BTC & ETH In the Recent Price Surge, But Invested in Multi-Asset Products
BTC 3.53% Bitcoin / USD BTCUSD $ 39,799.30
$1,404.923.53%
Volume 25.33 b Change $1,404.92 Open $39,799.30 Circulating 18.78 m Market Cap 747.29 b
6 h Genesis Records 13 Consecutive Quarter of Growth, Reports Rotation Out of BTC into ETH While DeFi Attracts Funds 6 h $162 Billion Asset Manager Files for a Crypto Basket ETF 8 h Grayscale Hires its Global Head of ETF After SEC Chair Pours Cold Water on Physically-backed Bitcoin ETF

This attack saw the hash rate of the network falling by 52.74% in the past 24 hours, as per Bitinfocharts. It is due to not having the security of a large hash rate that despite having the same algorithm as the leading cryptocurrency that it takes less than $5,600 to 51% attack BSV for an hour, as it has been so many times and less than $23k for BCH compared to Bitcoin’s $1.66 million.

The attack, however, didn’t have any impact on BSV price, which as of writing, is trading at $138.53, down only about 2% in the past 24 hours. From its mid-April peak of about $490, BSV is currently down 71.5%.

Read Original/a>
Author: AnTy

A Hattrick of Attacks: Thorchain (RUNE) Exploited, Yet Again, for $8 Million

A Hattrick of Attacks: Thorchain (RUNE) Exploited, Yet Again, for $8 Million

Decentralized exchange (DEX) Thorchain suffered a “sophisticated” attack that led to a loss of about $8 million just a week after being exploited for $5 million. This year alone, the exchange has been attacked three times.

This time, the attack was on the ETH Router, and a whitehat hacker deliberately limiting their impact.

As a result, the network halted the ETH Router until it could be peer-reviewed by audit partners on priority. The exchange announced that liquidity providers (LPs) in the ERC-20 pools would be subsidized.

“Thorchain has had a horrible month, not going to sugar coat it. Bleh. The project needs to slow down. Time to take the tortoise strategy. Regardless, I remain a committed supporter and am glad these issues are being discovered during chaosnet,” said Erik Voorhees, CEO of cryptocurrency exchange ShapeShift, which recently announced the dissolution of the company to become a DAO.

The team said the plan is to keep the network chain halted and review all chain clients internally and externally. Once solvency is restored and everyone is satisfied, then restart it.

Thorchain further assured from Twitter that no loss had been suffered by LPs to date, with the treasury bearing the burden. The team noted that while a painful lesson, “that’s what was chosen when Chaosnet was launched.”

“To be fair here, ultimately, the real test always has to happen in public, with real money involved. Everything else is just playing. No public money has been lost, as the treasury of the project is covering these hacks. That doesn’t mean it’s okay, though.”

Erik Voorhees CEO of ShapeShift

Thorchain further shared on Twitter that it will be awarding the whitehat hacker the requested 10% bounty if they reach out, which they encourage them to do so.

According to a message shared in the project’s Discord, the hacker claimed to have deliberately minimized the exploit to teach Thorchain a lesson, saying they could have stolen Bitcoin (BTC), Ether (ETH), Binance Coin (BNB), Lycancoin, and many BEP-20 tokens if they had wanted to.

BTC 3.93% Bitcoin / USD BTCUSD $ 33,581.55
$1,319.753.93%
Volume 22.55 b Change $1,319.75 Open $33,581.55 Circulating 18.76 m Market Cap 630.15 b
9 h Bitcoin Depot Deploys Over 700 Crypto ATMs Across Circle K Stores 10 h AAVE Reveals its TradFi Arm, Aave Arc, Which Will Be Governed by its Token Holders 11 h A Hattrick of Attacks: Thorchain (RUNE) Exploited, Yet Again, for $8 Million
ETH 4.92% Ethereum / USD ETHUSD $ 2,124.78
$104.544.92%
Volume 16.2 b Change $104.54 Open $2,124.78 Circulating 116.81 m Market Cap 248.2 b
8 h Ethereum Draws Closer to PoS Migration With EIP-3675 Launching on GitHub 9 h Reddit Is Building on Ethereum Scaling Solution Arbitrum 10 h AAVE Reveals its TradFi Arm, Aave Arc, Which Will Be Governed by its Token Holders
BNB 1.92% Binance Coin / USD BNBUSD $ 299.28
$5.751.92%
Volume 1.85 b Change $5.75 Open $299.28 Circulating 168.14 m Market Cap 50.32 b
11 h A Hattrick of Attacks: Thorchain (RUNE) Exploited, Yet Again, for $8 Million 1 w Investors Seeking Diversification in Crypto with Multi-Asset Products Recording Largest Inflows: CoinShares Report 1 w Ethereum Scaling Solutions Continue to Record User Growth in Ongoing Boring Market Condition

The hacker further said they found “multiple critical issues” and that a 10% bug bounty could have prevented the incident.

“Do not rush code that controls nine figures,” the hacker said, “Disable until audits are complete.”

In April, Thorchain finally launched its multi-chain Chaosnet after three long years of development.

“The complexity of the state machine is currently its Achille’s heel, but this can be solved with more eyes on, as well as a re-think in developer procedures and peer-review.”

This hack resulted in RUNE’s price dropping 26.5%, recovering to about $4, down 82% from its May peak of nearly $21.

Read Original/a>
Author: AnTy

Russian Ransomware Group, REvil, Attacks 200 Firms, Demands $70 Million in Bitcoin

Russian Ransomware Group, REvil, Attacks 200 Firms, Demands $70 Million in Bitcoin

Russian-based ransomware group REvil has again attacked no less than 200 firms in its latest operation. The group is demanding a ransom of $70 million in Bitcoin as ransom to release the stolen data.

Firms Hacked Through Software Supplier Kaseya

According to Reuters, REvil targeted software supplier Kaseya and used its technology management software to spread the ransomware via the cloud.

One of Kaseya’s tools, VSA, used by several firms, was encrypted with infected files, paralyzing hundreds of firms.

“More than a million systems were infected. If anyone wants to negotiate about universal decryptor – our price is $70 million in Bitcoin,” the ransomware group said as reported in a dark website, Happy Blog.

Updating firms on the incident, Kaseya said it was working on a patch that would increase the security of its VSA server. It also advised its customers to continue to remain offline until it is safe to restore operations.

Ransomware attacks by REvil have been constant these past few months. In May, the Russian group attacked a major pipeline firm, Colonial Pipeline, and received a $5 million ransom after spurring a gas crisis in the US.

That same month, JBS Holdings, the world’s largest meat company, was also attacked by the same group, which led to an $11 million ransom payment.

CNA Financial. CNA, one of the largest insurance companies in the US, reportedly paid $40 million in Bitcoin to restore access to its network after a ransomware attack.

Biden Taking Ransomware Attacks Seriously

Over the past few months, US president Joe Biden and his administration have taken a more serious stance on ransomware attacks.

The US Department of Justice (DoJ) had previously said that it would start treating these attacks with the same urgency it treats terrorism.

US Officials have spent the past few months scrutinizing these crimes while also tracing payments. Last month, the officials disclosed that they had recovered most of the $4.4m ransom paid to the hackers responsible for the Colonial Pipeline attack.

In a bid to curtail these attacks, last month, President Biden also met with Russian President Vladimir Putin to discuss and proffer solutions. Biden had told Putin that if ransomware attacks continued and were found to be from Russia, there would be consequences.

During a recent public appearance, Biden said that he had directed the US intelligence agencies to investigate the ransomware matter.

Biden’s statements come after the US Department of State’s official Victoria Nuland spoke about the Colonial Pipeline hack. In a meeting with Salvadoran president Nayib Bukele, Nuland said the US State Department was taking a tough look at bitcoin due to the Colonial Pipeline ransomware hack.

Read Original/a>
Author: Jimmy Aki

Ransomware Attacks: US Rep Asks Colonial Pipeline, CNA Financial for Payment Details

Ransomware Attacks: US Rep Asks Colonial Pipeline, CNA Financial for Payment Details

Two US companies and ransomware victims, Colonial Pipeline and CNA Financial, have been asked to reveal details of the payments made to hackers before they recovered their data.

US Rep. Carolyn Maloney sent letters to the firm on Thursday requesting that they release payment documents relating to the communications made with the ransomware attackers.

Maloney Fixes June 12 Deadline For Documents

Colonial Pipeline and CNA have been given until June 12, approximately two weeks to gather the materials and send them to the House Oversight Committee.

In the letters, Maloney requested all documents that detail how the attack was discovered, whether the companies sought external consultation about paying the ransoms, and documents detailing the decryption tools provided by the attackers.

According to Maloney, detailed information about the ransom payments made to cybercriminals is required to legislate effective laws on cybersecurity and ransomware in the country.

“I am extremely concerned that the decision to pay international criminal actors sets a dangerous precedent that will put an even bigger target on the back of critical infrastructure going forward,” she said in a press release.

Colonial Pipeline was hacked in May by hackers believed to be from Russia. The company was forced to shut down due to the ransomware attack, which created fuel shortages in the Southeastern states. The company reportedly paid $4.4 million in ransom.

Another ransomware attack happened later in the same month against CNA Financial. CNA, one of the country’s largest insurance companies, reportedly paid $40 million in Bitcoin to restore access to its network.

Apart from these two companies mentioned above, other companies have also been attacked as ransomware hackers continue to terrorize US companies.

A few days ago, JBS SA, the largest meat producer globally, was forced to shut down its US beef plants after a ransomware attack. Details are, however, unknown as to whether a ransom has been paid or not.

Ransomware Attackers to Face Growing Scrutiny In The US

The constant rate at which ransomware hackers attack firms and the cryptocurrency payments the hackers often induce has heightened the US government’s concern.

The US Department of Justice (DoJ) disclosed yesterday that it would start treating these attacks with the same urgency it treats terrorism.

The DoJ also sent a memo to the state US attorney offices and branches, asking US attorneys to file urgent reports if they hear of a significant ransomware attack.

These actions by the Justice Department to push ransomware into this special process show just how much the government is prioritizing the issue.

Read Original/a>
Author: Jimmy Aki

Experts Call for Crypto Regulation as Ransomware Attacks Are On the Rise

Experts Call for Crypto Regulation as Ransomware Attacks Are On the Rise

A panel of experts calls for aggressive tracking of Bitcoin and other cryptos in the light of growing ransomware attacks. Ransomware gangs collected about $350 million last year, more than 3x of 2019.

“There’s a lot more that can be done to constrain the abuse of these pretty amazing technologies,” said Philip Reiner, chief executive of the Institute for Security and Technology, who led the Ransomware Task Force.

The new rules proposed are aimed at the anonymity of crypto transactions, Reuters reported a source as saying. It will recommend steps like extending KYC regulations to crypto exchanges, money laundering rules to facilities converting currency, and tougher licensing requirements for those processing cryptocurrencies.

“That would be huge,” said an anonymous senior Homeland Security Official.

“This is a world that was created exactly to be anonymous, but at some point, you have to give up something to make sure everyone’s safe.”

Last year, the U.S. Marshals Service seized over $150 million in crypto-assets and offered them to the public at auction.

Amidst this, the House has passed a bill that will provide clarity to crypto asset regulation in the country.

The bill passed by the US House of Representatives last week is H.R. 1602, “Eliminate Barriers to Innovation Act of 2021,” which has now been sent to the Senate. If passed and signed into law, this will provide much-needed clarification to the industry. It would commission a working group to evaluate how the US currently treats crypto assets.

Read Original/a>
Author: AnTy

Cryptocurrency Ransomware Attacks Surged Over 300% in 2020: Chainalysis’ Crime Report

Cryptocurrency Ransomware Attacks Surged Over 300% in 2020: Chainalysis’ Crime Report

Revenue from crypto-related crime was reduced by 53% last year. Illicit funds, scams, and proceeds of crime through crypto also dropped. However, The value of ransomware attacks tripled, generating over $350 million.

Chainalysis’ “Crypto Crime Report 2021” shows a significant decrease in cryptocurrency-related crime across 2020, revenue from these illicit activities dropping by $5 billion, or 53%, from the previous year. The total illicit activity compared to the total transactional volume also dipped to only 0.34% in 2020, or $10 billion – a sharp dip from the 2.1% ($21.4 billion) recorded in 2019.

Overall, cryptocurrency-related scams and illegal activities are falling. Only a small portion of illicit activity is left in the crypto ecosystem. The overall illicit value from crypto is falling compared to illicit funds in traditional finance, the Chainalysis report reads.

As was the case in 2019, scams made up the biggest chunk of crypto-related crime – reporting $2.7 billion, a sharp 71% drop from $9 billion the previous year. Interestingly, the number of individual scams made to scam wallets rose by 48% across 2020 to 7.3 million individual scams. The sharp drop in value in 2020 mainly arises from the fact that no scam is close enough to the magnanimous PlusToken Ponzi scam in 2019.

Across 2020, the total crime value from scams and other illicit acts raised nearly $10 billion, dropping from $20 billion in revenue collected by bad actors in 2019.

Despite the celebrations, the value from ransomware attacks tripled in the past year, representing 7% of all the illicit crypto-based transactions. At $350 million in value across 2020, crypto-ransomware attacks grew over 311% in a year – the largest growth amongst the report’s illicit categories. The spike is attributed to the global Covid-19 pandemic, which prompted the “work from home” culture, presenting new vulnerable opportunities.

Darknet markets and stolen funds witness a less dramatic increase than ransomware – a 29% increase and a 4% increase from 2019’s values, respectively.

Earlier in the year, Chainalysis reported that the total number of cryptocurrency crimes had fallen over 83% in 2020, as regulation and exchange compliance came alive during the year.

Read Original/a>
Author: Lujan Odera

Post-COVID Rebuilding Period to Include Massive Crypto Crimes: Kaspersky Labs

2020 has been brutal. This year witnessed a wave of cyber attacks on companies as the lockdown forced companies and their employees to work remotely. As things settle down and countries reopen, a new report has sounded the alarm on possible attacks for post-covid.

No Rest for the Crypto Space

Top cybersecurity solutions provider Kaspersky Labs shared a report revealing that the post-COVID era could come with a significant number of cryptocurrency attacks. The report focused primarily on financial institutions, and it was compiled by Kaspersky’s cyber threat research arm Securelist.

Securelist argues that the post-COVID era would be marked by extreme poverty, with many still out of a job and transitioning between jobs as companies try to get back on their feet. With little to no income coming in, many unemployed could turn to cybercrime to maintain a “living.” Ultimately, this could lead to an increase in criminal activity related to Bitcoin.

Securelist highlighted that Bitcoin’s popularity means that it would most likely be the asset of choice for many prospective criminals. The research arm highlighted in its report,

“We might see certain economies crashing and local currencies plummeting, which would make Bitcoin theft a lot more attractive.

We should expect more fraud, targeting mostly BTC, due to this cryptocurrency being the most popular one.”

However, Securelist also pointed out that many of these hacks could focus on Monero, the most famous privacy-focused cryptocurrency. With assets like Bitcoin and Ether becoming easier to track, privacy coins would be the next gold rush.

The crypto space has been relatively silent when it comes to criminal activity. Crypto analytics firm CipherTrace pointed out in a report from earlier this month that the volume of crypto crime in the industry had declined significantly from 2019.

Per an account from Reuters, the report explained that the first ten months of 2020 saw $1.8 billion in crypto crime. This number pales in comparison to the $4.4 billion reported last year.

Increased Ransomware Crimes

The rate of cryptocurrency crimes slowed in 2020 as exchanges and custodial companies strengthen their security and internal processes. Despite this reduction, ransomware attacks demanding cryptocurrencies are gradually becoming the norm.

In 2020, the Federal Bureau of Investigation reported a 75 percent increase in ransomware attacks on the health sector. Businesses in these sectors and other educational organizations spent over $100 million to retrieve their data from ransomware gangs.

In addition to the cost spent on attackers, U.S government agencies also coughed up over $150 million on restoring their networks, investigating security breaches, and setting up preventive measures.

As of August, McAfee Security confirmed that NetWalker, one of the top ransomware variants, had generated $25 million for its users in just four months.

To make matters worse, NetWalker was only discovered in 2019. However, the group operating it reportedly earned a ransom income of 2,795 BTC (about $25 million at the time) – between March 1 and July 27, 2020.

The report highlighted that part of the ransomware’s profitability had been due to its Ransomware-as-a-service operation. The operators have developed an affiliate revenue sharing system that allows other operators to earn funds from ransoms paid by victims.

Read Original/a>
Author: Jimmy Aki

Ethereum Classic Labs Proposes New Security Plan To Prevent Future 51% Attacks

  • After suffering two major 51% attacks, Ethereum Classic (ETC) developers released a robust “Security Plan” to prevent future attacks.
  • The security plan will take three to six months to implement fully, the statement reads.
  • The plan short term changes, including tactics such as defensive mining and increased network monitoring
  • Plan also outlines long term changes, including changing the consensus algorithm and introduction of a treasury system.

In a published document on August 19, the ETC accelerator, Ethereum Classic Labs, released proposed solutions to further secure the network after two successive 51% attacks earlier in the month. The proposed plan, as mentioned before, will roll out in the next three to six months, with some of the security measures coming immediately.

Immediate changes to guard 51% attacks

The first immediate change to guard against these attacks is the implementation of ‘defensive mining.’ This will work through miners and mining pools cooperation to prevent attacks by raising the hash rate and maintain a consistent mining hash rate making it harder to pull off 51% attacks.

An enhanced monitoring service across the network will also harmonize the mining of ETC to prevent spikes in hash rate and keep in check prices across the mining pools. Monitoring the blockchain will further assist in quick identification of anomalies on the network. Notwithstanding, ETC Labs will closely work with exchanges in whitelisting services and work on implementing longer and safer confirmation times.

The ETC Core development team is also advocating for the immediate implementation of the ‘Permapoint’ finality arbitration system aiming “to inhibit chain reorganizations while maintaining consensus among nodes aggressively.”

The long term strategy

The long term security plan will be more community-driven as it will impact the core of the blockchain, the statement reads.

First option circles around increasing the resistance to 51% attacks with the Pirl Community proposing an introduction of ‘penalty blocks’ through ECIP 1092. This states that instead of the standard auto synchronizing of any offline pre-mined chain branch, “the new protocol should require peer proposing the longer and heavier chain to mine the penalty blocks.” This makes a 51% attack through chain reorganization more expensive and time-consuming. This could take up to 3 months to implement.

Secondly, a total change of current proof-of-work (PoW) system to either Keccak-256 or RandomX is proposed. Currently, ETC uses the same mining algorithm as Ethereum – Ethash – and a move to a new algorithm could help the blockchain “step out of the shade of the Ethereum network.” This is estimated to take up to 6 months to implement if the testnet works.

Also Read: OKEx Considers Delisting ETC After $5.6M Loss Due to a 51% Attack

Read Original/a>
Author: Lujan Odera

OKEx Exchange Considers Delisting ETC After $5.6 Million Loss Due to a 51% Attack

OKEx will consider delisting Ethereum Classic (ETC) following the recent 51% attacks that saw the crypto exchange lose $5.6 million. This was prompted by a double-spend where the attacker created confusion by launching a ‘shadow chain’ and leveraging OKEx’s high ETC liquidity. A report released by the crypto exchange on August 15 details:

“As for why the attacker(s) chose OKEx in particular to purchase and trade their ETC, the most likely reason is liquidity. OKEx provides excellent ETC liquidity, seeing some of the largest ETC transaction volumes in the industry.”

ETC’s 51% Attack Via OKEx

As per the report, this attack was well orchestrated and had been in play since June, when the malicious actors created five accounts with OKEx. The crypto exchange went on to approve the KYC documents of these attackers, not knowing the underlying motive. Interestingly, all these accounts passed the platform’s level 2 and 3 KYC protocols, which attracted an increase in their withdrawal limits.

Having penetrated the OKEx ecosystem and gaining liquidity exposure to ETC, the attackers went on to deposit 68,230.02 ZEC into their OKEx accounts. These funds were then converted to ETC and withdrawn to multiple external addresses, totaling $5.6 million worth of Ethereum classic. With the funds already transferred, the attackers initiated the 51% attack, which took place in three stages.

“The whole operation can be broken into three stages: 1) the creation of a “shadow chain” or a secret, alternate chain to ETC’s mainnet, 2) the actual double-spend, and 3) the profound chain reorganization that resulted in losses to OKEx.”

OKEx Bares the Losses

OKEx has since clarified that the company bore the $5.6 million loss, according to its user protection policies, which means that ETC funds deposited with them remained safe. The 51% attack on the ETC blockchain took place twice, with the initial one being on August 1 while the second followed on August 6. OKEx was, however, only affected by the first attack since it had already halted ETC deposits and withdrawals.

The exchange noted that it took some short and long-term measures to prevent such a risk in the future. If not delisted, OKEx plans to increase ETC confirmation times should the community act on improving the security of this blockchain. According to the company’s CEO, Jay Hao, they are not in a rush to delist ETC given its significance in the platform’s liquidity:

“Given ETC’s popularity and standing, we are not rushing into delisting … However, they need to implement significant upgrades to the network to reduce the chances of another 51% attack happening.”

Read Original/a>
Author: Edwin Munyui