OKEx Confirms $5.6 Million Missing after Attack

One of the popular cryptocurrency exchanges in the market OKEx lived every exchange’s worst nightmare on August 1^st; they were hacked. They have now released a report that explains how $5.6 million was stolen from the digital currency exchange by the Ethereum Classic 51% hacker. The report revealed that the attacker had been planning out the whole thing since June.

How Did it Happen?

According to the report, a total of five accounts were created by the attacker on OKEx between June 26^th and July 9^th. He was essentially laying the groundwork for the eventual attack. The hacker then deposited a total of 68,230.02 ZEC across the five accounts he had newly registered between June 30^th and July 31^st. On July 31^st, later in the day the attacker decided to exchange their ZEC with ETC. The exchange provided him with 807,260 ETC, which had a value of $5.6 million when the exchange occurred. The ETC was subsequently deposited to an external wallet address. Once these steps were taken, the attacker was ready to launch the 51% attack.

As per the allegations, the attacker bought substantial hash power from Nicehash provider daggerhashimoto, so they would be able to gain control of 51% of the Ethereum Classic Network. Once they were able to control 51% of the hash available on the network, the hacker began to ‘shadow mine’ the ETC blockchain. Put simply, the attacker was mining the ETC blockchain, but they were not disclosing the blocks that they had mined to the others. While mining the shadow chain and not broadcasting it, the hacker sent the ETC they had deposited to their external wallet back to OKEx.

They traded all of the ETC for ZEC, which amounted to 78,941.356a and then immediately withdrew all of the ZEC to an external wallet. But, while they were making this move on the main chain, they were doing something different on the shadow chain. The hacker sent the 807,260 ETC from one external wallet to another. Once OKEx confirmed their ZEC withdrawal, the shadow chain was then broadcasted by the hacker to the other miners, which turned out to be the longest chain boasting the most hash power support.

The chain was quickly accepted by the miners as the most valid version of the ETC blockchain. Consequently, the ETC that the hacker had bought with their 78,941.356 ZEC was once again in their possession. Plus, since the exchange had confirmed their ZEC withdrawal, it meant that along with the ZEC, they also got away with 807,260 ETC. The ETC’s attacker’s plan became a success with OKEx out of $5.6 million worth of ETC.

Next Steps

After OKEx understood how the attack had been carried out, they blacklisted all the wallet addresses that the hacker used and suspended the five accounts they had made on the exchange. In addition, all ETC deposits and withdrawals have also been suspended by the exchange until the ETC network can be considered stable. They are planning to increase their confirmation time for ETC transactions for reducing the extent of the attack vector.

OKEx and Bitrue to Add CeFi and DeFi Options Ledger’s CTO Discusses Safety of Wallet after Multiple Setbacks Hacker Steals $15 Million from Yearn Finance’s Unreleased Project FTX Exchange Acquires Blockfolio for $150 Million $130 Million BTC Longs Liquidated on BitMEX with Price Drop Darknet Market Affected by Increasing Exit Scams and Changing Regulations Lawsuit against BitMEX Claims Its Higher-Ups Siphoned Off More Than Just US$400 Million Reasons for Bitcoin’s Price Drop and Why it Wasn’t Surprising Cryptocurrency to Hit 200 Million Users by 2030: Deutsche Bank Report Softbank CEO Supports Crypto Despite $50 Million Loss to Bitcoin