Specialists of the OKEx cryptocurrency exchange conducted a study on how hackers were able to steal about $ 5.6 million in ETC during a 51% attack on the Ethereum Classic blockchain.
Recall that on August 1, a 51% successful attack was made on the Ethereum Classic blockchain - the network split, and 3,693 “extra” blocks were added to it. This attack was repeated on 6 August.
According to a study by OKEx, the hacker began preparing for attacks on June 26 by creating several fictitious accounts on the OKEx exchange. It is noteworthy that they all went through the second and third levels of the KYC procedure in order to increase the withdrawal limits. On July 30, these accounts received deposits in confidential ZEC coins, totaling 68,230 ZEC. At the same time, the hacker was creating a "shadow chain" of the ETC blockchain - an alternative record of transaction history, hidden from other miners. On July 31, the hacker exchanged all ZECs for ETC, receiving 807,260 coins, the value of which at that time was about $ 5.6 million. Then the ETC were moved to the hacker's external addresses.
On the same day, the hacker launched a 51% attack on Ethereum Classic, initiating his shadow chain. The legitimate and fictitious transaction history contained records of the movement of 807 260 ETC from OKEx to external addresses of the attacker. During the attack, the hacker sent all previously received ETC back to OKEx and sold them for 78,900 ZEC, which he immediately withdrawn.
Considering that at that moment the hacker controlled more than 51% of the hashing power, he could create new blocks much faster than other miners. As a result, the shadow chain grew longer than the true history of ETC transactions. In the history of transactions created by the attacker, everything looked as if 807,260 ETC were sent not to OKEx, but to other addresses of the hacker. Thus, the hacker managed to convince the exchange to make deposits.
OKEx later blacklisted addresses that could be used to carry out this attack, and also shut down five of the hacker's accounts. In the future, the platform plans to increase the confirmation time for ETC deposits and withdrawals. Additionally, if the Ethereum Classic network does not improve security, OKEx may stop trading ETC.
Last month, the Bitcoin Gold network was also attacked 51% - attackers tried to spread a chain of 1,300 of their blocks.
Source: https://www.okex.com/academy/en/okex-responds-to-ethereum-classic-51-attacks-reveals-its-hot-wallet-system-incident-report/
If you add the source to your article I'll tip you on the article. Thanks.