ETC 51% Attackers Address has been Flagged and Shared by SlowMist

[Zed0X]

ETC 51% Attackers Address has been Flagged and Shared by SlowMist



In a noteworthy analysis by the SlowMist team, the ETC 51% attackers address has finally been flagged and shared with partners. The sharing was done to prevent further attacks on other exchanges. The identity of the attacker can finally be established if the involved exchanges are willing to cooperate and assist.

The attack was first reported on January 06, 2019, and SlowMist warned of the likelihood of the ETC 51% attack in SlowMist Zone. The alarm was raised based on the information analysis of the SlowMist Zone Intelligence together with the BTI (Blockchain Threat Intelligence) system. On the next day, ETC official responded on Twitter.

Also, Coinbase responded in their official blog stating that they had identified up to 15 attacks with 12 of those being double spend that totals 219,500 Ethereum Classic (about $1.1 million). The news was received on January 8, 2019. The official confirmed the presence of the ETC’s 51% attack. Seven of the involved transactions were detected rollback.

The Addresses

There are four identified txHash addresses that the attackers used to trade a total of 54200 ETC. The ETC wallet addresses that were owned and manipulated by the assailant are:

0xb71d9CD39b68a08660dCd27B3EAE1c13C1267B10

0x3ccc8f7415e09bead930dc2b23617bd39ced2c06

0x090a4a238db45d9348cb89a356ca5aba89c75256

Since January 6, 2019, SlowMist started focusing and tracking on the BTI system, related blockchain explorer, and related disclosed intelligence. The tracking process discovered that the address that interacted for the first time with the malicious 0x3ccc8f7415e09bead930dc2b23617bd39ced2c06 wallet address was 0x24FdD25367E4A7Ae25EEf779652D5F1b336E31da.

The research and tracking also discovered that the attacker extracted a huge number of ETC from a Binance wallet to another account on transit to malicious wallet address. According to AnChain.ai, the Bitrue wallet address is 0x2c9a81a120d11a4c2db041d4ec377a4c6c401e69. Based on that information, the attack was traced uncovering various transactions that never existed.

The Attacks

The first attack featured a loss of 4000 ETC from Bitrue with another 9000 ETC attack following shortly later. Multiple attacks were made and the information about Bitrue was found consistent with all the information posted on the Coinbase blog. Continuous tracking showed that after the ban of the suspected malicious wallet addresses by exchanges, the attacks subsided on 2019–01–08 at 04:30:17 UTC. https://twitter.com/BitrueOfficial/status/1082595570336690177

The SlowMist team believes that all large attacks must have been backed up by enough funds. The backup was set up under consideration of the risks involving the money and time spent before, during, and after the attack. Also, plans of countervailing traceability costs of any money laundering money after the attack were put in place to shield the identity of the attackers.

Will Exchanges Cooperate?

However, the SlowMist team believes that the identity of the attacker can be determined if the involved exchanges readily cooperate. However, the net mining power for the entire network has reduced as a result of the recent plunge in blockchain funding.

All users who were affected by the 51% on ETC are advised to add a risk control mechanism to the tokens with a profitable space since these types of attacks may arise in the near future.


https://www.cryptovibes.com/crypto-news/etc-51-attackers-address-has-been-flagged-and-shared-by-slowmist/

[Munareal]

This is a very good development. Mechanisms that will identify the culprits is what the crypto space needs.