The Ethereum Classic (ETC) network suffered its second major 51% attack in less than a week on August 6, 2020, when an unidentified attacker orchestrated a massive blockchain reorganization spanning over 4,200 blocks and attempted to double-spend approximately $3.3 million worth of ETC tokens.
TL;DR
- Ethereum Classic hit by second 51% attack in under a week on August 6, 2020
- Attacker reorganized 4,236 blocks in an operation lasting over 15 hours
- Approximately 465,444 ETC ($3.3 million) targeted in double-spend attempt
- 238,306 ETC ($1.68 million) successfully double-spent through Bitfinex and other services
- Same attacker linked to the July 31 ETC attack, using proceeds from the first breach
Attack Anatomy: A 15-Hour Siege on the Blockchain
According to blockchain analytics firm Bitquery, the attack began at approximately 11:50 UTC on August 5, 2020, when the attacker started privately mining a fork of the ETC blockchain. The reorganization was finalized at 02:54 UTC on August 6, affecting blocks numbered 10,935,623 through 10,939,858 — a staggering 4,236 consecutive blocks that were silently replaced.
The attacker, operating from a known address, used rented hash power from NiceHash’s daggerhashimoto marketplace to overwhelm the network’s legitimate miners. By controlling more than 50% of the network’s total hash rate, the attacker was able to build a longer chain in secret and then broadcast it, effectively rewriting transaction history.
Follow the Money: From First Attack to Second
Bitquery’s investigation revealed a direct link between the August 6 attack and the earlier July 31 incident. The attacker recycled funds stolen during the first breach to finance the second operation. Wallet addresses used in the initial attack served as the source of funds for multiple transactions in the second attack.
The attacker attempted to double-spend a total of 465,444 ETC, valued at approximately $3.3 million at the time. Of that amount, approximately 238,306 ETC ($1.68 million) was successfully double-spent through Bitfinex and other cryptocurrency services. Additionally, the attacker accumulated 14,234 ETC in block rewards during the 15-hour mining operation.
Ethereum Classic’s Security Crisis Deepens
The back-to-back attacks exposed fundamental vulnerabilities in the Ethereum Classic network’s security model. ETC, which was born from the original Ethereum blockchain following the 2016 DAO hack, relies on a proof-of-work consensus mechanism with significantly lower hash power than its larger sibling Ethereum.
Ethereum co-founder Vitalik Buterin acknowledged the attacks publicly, drawing attention to the inherent risks smaller proof-of-work networks face when their hash rates are insufficient to prevent takeovers. The incidents reignited debate about the long-term viability of smaller PoW chains in an increasingly competitive mining landscape.
Exchange Response and Market Impact
Major cryptocurrency exchanges responded to the attacks by heightening deposit requirements for ETC, with some implementing significantly increased confirmation times. Binance publicly flagged the attack on social media, alerting users to the network disruption.
Despite the security incidents, ETC’s price showed surprising resilience, declining only modestly in the immediate aftermath. At the time of the attack, Bitcoin was trading near $11,780 and Ethereum at approximately $395, with the broader crypto market capitalization exceeding $340 billion.
Why This Matters
The consecutive 51% attacks on Ethereum Classic represent a cautionary tale for the broader cryptocurrency industry. They demonstrate that hash rate remains the ultimate security guarantor for proof-of-work networks, and that smaller chains with insufficient mining power are inherently vulnerable to sophisticated attackers with access to rented hash power. The attacks also highlighted the growing sophistication of blockchain forensic analysis, as firms like Bitquery were able to trace the attacker’s movements across both incidents in near real-time. For investors and exchanges, the events served as a stark reminder that not all proof-of-work blockchains offer equal security guarantees, and that network hash power should be a primary consideration when evaluating cryptocurrency investments.
Disclaimer: This article is for informational purposes only and does not constitute financial advice. Cryptocurrency investments carry significant risk. Always conduct your own research before making investment decisions.
4,236 blocks reorged. That is not a small attack, thats a sustained siege. ETCs security model was fundamentally broken.
Same attacker using proceeds from the first breach to fund the second. PoW chains with low hashrate are sitting ducks.
Bitfinex getting hit for $1.68M in the double spend. exchanges really need better confirmation policies for smaller chains.
0x51pct.eth and they used the first attack proceeds to fund the second. ETC had no defense because renting hashrate was trivially cheap back then
reorg_sam correct, renting hashrate on nicehash cost almost nothing for ETC. the lesson is PoW only works if attacking costs more than the reward
nicehash was basically a rental marketplace for attack hashrate. the fact that it was cheaper to rent than buy tells you everything about small PoW chain security
nicehash made it trivially cheap to rent enough hashrate. ETC was basically a testnet with real money on it
two 51% attacks in one week and ETC is still trading. says everything about crypto market efficiency
tomoko its worse than that. ETC 51% attacks happened THREE times in 2020 alone. market didnt care because hashrate rentals made it cheap entertainment
4,236 blocks reorged over 15 hours and no exchange implemented longer confirmation times for ETC until after the second attack. reactive security at its finest
4236 blocks reorged over 15 hours and exchanges still listed ETC. zero standards for listing criteria back then
4236 blocks reorganized in 15 hours and ETC kept trading. the market literally did not care about chain security