ETHPoW Succumbs to Replay Attack, Drops More Than 38%

Last Updated:
ETHPoW-Succumbs-to-Replay-Attack,-Drops-More-Than-38%
  • Hackers exploited the Gnosis Chain’s Omni Bridge and stole 200 ETHW via replay attack on Ethereum Proof-of-Work.
  • ETHW clarified that the assault wasn’t chain-level.
  • ETHW token down more than 38% in 24 hours.

On Sunday, Blockchain Security Firm, BlockSec, detected an exploit in which an attacker stole 200 ETHW tokens from the Ethereum Proof-of-Work blockchain via replay attack and taking advantage of the Gnosis Chain’s Omni Bridge. At press time, the price of ETHW has dropped more than 38% over the past 24 hours, trading slightly above $5.

It all started with a transfer of 200 ETHW across the Gnosis chain’s Omni Bridge, the exploiter’s initial target. The same transaction was then repeated on the PoW chain to accumulate another 200 ETHW.

Meanwhile, Blockchain Security Firm, CertiK, said that the exploiter had already transferred the funds to the MEXC exchange.

The ETHPoW developers have commented on the situation, saying that the attack took advantage of a flaw in the contracts used by the bridge and not in their own blockchain. The development team also mentioned that they have been trying to contact Omni Bridge since Saturday to let them know about the potential risk.

Omni Bridge hasn’t made any statements at the time of writing.

The BlockSec team identified the underlying cause of the issue as the Omni Bridge on the PoW chain incorrectly verifying the real chainID of the cross-chain message. Likewise, there may be a possibility that other protocols have the same problem.

To this end, the blockchain security firm emphasized the possibility that an attacker may steal a large quantity of ETHW (and other tokens controlled by the bridge on the PoW chain) and then sell them on exchanges. The increased liquidity from this may affect the price of ETHW.

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.

CoinStats ad

Latest News