Slashdot Mirror

← Back to Stories (view on slashdot.org)

Coinbase Suspends Ethereum Classic (ETC) Trading After Double-Spend Attacks (zdnet.com)

Posted by msmash on from the for-the-record dept.

Cryptocurrency trading portal Coinbase delisted the Ethereum Classic (ETC) currency Monday after detecting a series of double-spend attacks over the last three days. From a report: In layman terms, double-spend attacks are when a malicious actor gains the majority computational power inside a blockchain, which they then use to enforce unauthorized transactions over legitimate ones. According to a security alert published today by Coinbase security engineer Mark Nesbitt, this is exactly what's been happening on the Ethereum Classic blockchain for the past three days, since January 5. Nesbitt says that a malicious actor has carried out 11 (at the time of writing) double-spend attacks during which he moved funds from legitimate accounts to their own. [...] According to Crypto51, it only costs $5,029 to rent enough computing powerto overwhelm the ETC blockchain with your own miners and gain 51 percent hashing power to carry out a double-spend attack.

15 of 116 comments (clear)

  1. Re:This is why we can't have nice things. by klubar · · Score: 5, Insightful

    Tell me again why bitcoin is so much more secure than the traditional banking system.

  2. Re:This is why we can't have nice things. by Sarten-X · · Score: 4, Funny

    Because it's distributed, so a bad guy would have to have huge computing resources to overwhelm the good guys! That'll be so expensive it won't be worth the cost.

    Oh, wait...

    --
    You do not have a moral or legal right to do absolutely anything you want.
  3. CryptoCurrencyFails by sdinfoserv · · Score: 2

    When a physical bank is robbed, everyone who has dollars in their pockets still has whole dollars. The theft had zero effect on the value of your pocket or what you can buy. When a crypto-currency exchange gets hacked (aka robbed), the value of what you own can tumble. Plus, add in the shear insecurity of crypto-currency, and you have the reasons why it's a complete failure and nonsense.

    1. Re:CryptoCurrencyFails by Drethon · · Score: 5, Insightful

      When a physical bank is robbed, everyone who has dollars in their pockets still has whole dollars. The theft had zero effect on the value of your pocket or what you can buy. When a crypto-currency exchange gets hacked (aka robbed), the value of what you own can tumble. Plus, add in the shear insecurity of crypto-currency, and you have the reasons why it's a complete failure and nonsense.

      These days when a physical bank is robbed, they have insurance backing up their virtual dollars, as well as tracking that can get back stolen (digital) money in many cases (from what I've been told, not an expert). So while the government can track your transactions through banks, the bank also provides more security. All depends on what you value most.

    2. Re:CryptoCurrencyFails by Anonymous Coward · · Score: 2, Interesting

      When a physical bank is robbed, everyone who has dollars in their pockets still has whole dollars. The theft had zero effect on the value of your pocket or what you can buy.

      When a crypto-currency exchange gets hacked (aka robbed), the value of what you own can tumble. Plus, add in the shear insecurity of crypto-currency, and you have the reasons why it's a complete failure and nonsense.

      That is incorrect. When a physical bank is robbed you lose your money. The only reason you are protected in the US is because the accounts are insured by FDIC up to $250K. The government (your taxes) foots the robbery loss. And if your safe deposit box is robbed your grandmother's ring is gone for ever.
      Crypto Exchanges also have insurance. So if coinbase is "robbed", insurance kicks in - just like your physical bank. Might not be as good as FDIC but then your taxes are not funding it.

      As for you second point, while physical currency is not susceptible to exchange hacking, it is to foolish government policies. Remember GBP? Or the various European currencies that suffered worse losses than many cryptos.

    3. Re:CryptoCurrencyFails by MtHuurne · · Score: 2

      This is not a case of the exchange getting robbed though, it is the currency itself that got attacked. The problem with proof-of-work is that if someone manages to control over half the mining power, they get to decide which transactions happen and which do not. The theory was that there would never be a single party in that position, but apparently that theory doesn't apply to the less popular coins.

    4. Re:CryptoCurrencyFails by Anonymous Coward · · Score: 2, Interesting

      Actually, the dollar is very resistant to that. The North Korean government printed "superdollars", almost undetectable forgeries for a decade and had no significant impact on the value of the dollar. There was also another source, probably Iranian, that was printing them in the 80's and early 90's and again, didn't have a huge impact on the value of the dollar.

  4. Re:This, ladies and gentlemen, is how crypto fails by Anonymous Coward · · Score: 2, Interesting

    China controls 80% of the hashpower for Bitcoin, between 4 major pools that it controls. China sets the price of Bitcoin and consequently most other cryptocurrencies.

    it is no coincidence that the crash in crypto roughly coincided with the Cheeto-in-Chief declaring TradeWars on China.

  5. It has to be expensive to be secure by goombah99 · · Score: 2

    The achilles heel of bitcoin is that it has to be expensive to be secure. The cost of securing 51% needs to exceed the profitability of achieving it. Thus as the market cap of bitcoin rises, the greater the potential to engage in a profitable double spend. So the cost of the transactions has to rise. SInce the transaction reimbursement has to cover the cost of the hash confirmation and that's paid in bit coin then either the fees or the reward value has to increase. This may possibly, but not necessarily, indirectly pressure the value of a bit coin to rise, further increasing the market cap.

    There are some newer currencies just created that appear, at my superficial glance, to escape from some of that pressure on the cost of the transaction securing the block chain.

    But for bit coin and similar one is stuck with proof of work having to be exorbitant as the profitability of foul play rises. Eventually the only people who can mine are the people who steal electricity. It's not a bug, it is in fact the ONLY thing that makes it work at all other than pure good will and altruism

    --
    Some drink at the fountain of knowledge. Others just gargle.
  6. Re:Blockchain generally? by Anonymous Coward · · Score: 2, Insightful

    Btw, ETC is a minority fork of ETH, so nobody cares about ETC and it has near zero use

    Somebody cared enough to marshall enough computing power to overwhelm the network, which is why we are discussing this.

  7. Re: This is why we can't have nice things. by Anonymous Coward · · Score: 4, Insightful

    I find it amusing how bitcoin and its associated spin offs have replicated financial history. PhD candidates will be writing papers on this idiocy for years to come.

  8. Re:This is why we can't have nice things. by Oswald+McWeany · · Score: 4, Insightful

    And one is also expected to trust at least half of those controlling the computing resources... not sure I trust a fraction of that number.

    And "trust" is your only option- it's all you can do, you can't rely on law enforcement to protect you eCoins. Because eCoins are not backed by government or insured by governments, governments are less inclined to help you get your money back if stolen by thieves and hackers.

    --
    "That's the way to do it" - Punch
  9. Cost is $4700 as of January 8th by FeelGood314 · · Score: 2

    The trouble is that it used to be expensive to have 51% of the computing power because of all the hardware you would have to buy. That is no longer true. Now I can rent the computing power to have 51% computing power for the length of the confirmation period. Here is a link https://www.crypto51.app/ to the cost to rent so much computing power and the percentage of the required computing power you can rent. You will notice that as of January 8th you could rent 102% of the computing power to launch a 51% attack on Etherium classic and it would only cost you $4700

  10. Re:This is why we can't have nice things. by CaptainDork · · Score: 2

    ... bitcoin has much much more security ...

    That's because it's transmorgrified into a speculative gambling architecture. The blockchain is static in size and all that's left is to rearrange the Monopoly money.

    --
    It little behooves the best of us to comment on the rest of us.
  11. Re: This is why we can't have nice things. by jythie · · Score: 2

    So much of their creation was rooted in people lamenting about how much more wonderful things were in the past, without understanding what went wrong then. So yeah.. amatures recreating mistakes professionals dealt with 200 years ago.