Ethereum Classic’s 51% Attacker Returns Stolen Cryptocurrency


At the beginning of January, Ethereum Classic (ETC) experienced a 51% attack that resulted in multiple block reorganizations on the Ethereum Classic chain. The attacker stole an estimated $100,000 in ETC tokens but later returned the tokens, according to the exchange—from where the theft occurred.

Ethereum Classic's 51% Attacker Returns Stolen Cryptocurrency

ECT 5-Hour Chart

ETC’s price took a slight hit after news of the attack broke. However, the cryptocurrency appears to have recovered. It currently has a market cap of $463.94M, making it the 18th most popular digital coin, and is in now trading in the $4.20 range.

For those unfamiliar with a 51% attack, it refers to an assault on a blockchain by a group of miners controlling more than 50% of the network’s mining hashrate, or computing power. According to a statement released by, there has been no explanation from the attacker since the funds were returned regarding any motive for the attack.

The exchange posted the following note after the ETC was returned:

“On Jan.10, we found that the recent ETC 51% attacker returned 100K USD value of ETC back to We were trying to contact the attacker but we haven’t got any reply until now. We still don’t know the reason. If the attacker didn’t run it for profit, he might be a white hacker who wanted to remind people the risks in blockchain consensus and hashing power security.

Based on our analysis, the hashing power of ETC network is still not strong enough and it’s still possible to rent enough hashing power to launch another 51% attack. has raised the ETC confirmation number to 4000 and launched a strict 51% detect for enhanced protection. We also suggest other ETC exchanges to take actions to protect the trader from blockchain rollback/reorg.”

Because of the attack, mainstream crypto exchanges such as Coinbase suspended all ETC transactions, causing losses for the platforms. Coinbase security engineer Mark Nesbit reassured customers no accounts were affected by the attack.

The exchange also reported it first identified the deep chain reorganization on January 5. It was at this point it halted on-chain ETC payments to protect customers from becoming victims of a double spend attack.

Crypto Equivalent of a Bank Heist

Over the past few years, a number of cryptocurrencies, including MonaCoin, Bitcoin Gold, Zcash, Verge and Litecoin Cash have been hit with 51% attacks. In each case the attackers were able to amass enough computing power to compromise networks, rearrange their transactions and abscond with millions of dollars. Some would say a 51% attack is the digital equivalent of a bank heist.

Website 51 Crypto, outlined the estimated hourly cost of launching a 51% attack on various cryptocurrencies. By their calculations the recent ETC attack cost the perpetrators $$4,104 per hour of effort.

There are a number of steps which could have been taken by exchanges as well as cryptocurrency developers to avoid such situations. As well, there are ways in which blockchain security can be improved to prevent this from happening again. Unfortunately, this problem is likely to continue to occur since so many proof-of-work (PoW) coins share similar hashing functions.

Is PoW Still Reliable?

For many years, PoW was a secure method for generating consensus in a decentralized network, says Simon Harman, Project Lead at Loki, a privacy network for decentralized transactions. However, he adds:

As time has passed, more and more of this hashrate across cryptocurrencies and hashing algorithms can be found in fewer places. In most cases, each coin only has a handful of major pools and much of the available hashrate for any given algorithm can be found on Nicehash or other rental sites. These trends are not likely to reverse, and so we can consider the decentralization of most PoW coins to be reasonably poor in comparison to the past. However, proof-of-stake (PoS) and delegated proof-of-stake (dPoS) do not necessarily improve this situation either.”

Indeed, explains Sky Guo, CEO of Cypherium, PoW has long been the most reliable blockchain consensus mechanism, maximizing both incentives and security. This is why so many of the top projects in the crypto space continue to rely on PoW mechanisms.

“Even so, it does not maximize the efficiency of resources like energy and money injected into the mining efforts of a cryptocurrency community. As the PoW algorithm is non-resistant to ASIC chips, it is relatively easy to take advantage of. Some cryptocurrencies, like Monero, upgrade their algorithms every six months to prevent this occurrence.

Another way to prevent such attacks is by introducing checkpoints and safeguards within the system to reduce their profitability. Completely abandoning PoW will only lead to more centralization and increased vulnerability. The wisest step forward will be to modify and hybridize the effect of PoW. New generations of decentralized consensus do not need to replace early-stage designs, so much as they need to improve and evolve them.”

On the other side of the argument are those who believe the cryptosphere should develop different, more secure consented protocols. Daniel Schwartzkopff, CEO and co-founder of Invictus Capital, says:

“Smaller cryptocurrencies will need to adopt more secure consensus protocols such as merge-mining, which allows them to be mined simultaneously with much larger PoW blockchains like bitcoin, or shift entirely to proof-of-stake. Merge mining allows the small players to piggyback off the much larger hash rates of the major cryptocurrencies, thus making them more secure.”

Editor’s note: In a recent podcast analyst Clement Thibault discussed the attack and what it means for ETC and the future of cryptocurrencies. He also explained how you can protect yourself from getting caught up in an attack (begins at 02:38)


Please enter your comment!
Please enter your name here