2022-9-18 19:02 |
Ethereum Proof-of-Work (PoW) network suffered a replay attack on September 18 as exploiters replayed a message from the Ethereum POS chain.
According to BlockSec, which first discovered the attack, the exploit happened because the bridge did not correctly verify the actual chainID of the cross-chain message.
1/ Alert | BlockSec detected that exploiters are replaying the message (calldata) of the PoS chain on @EthereumPow. The root cause of the exploitation is that the bridge doesn't correctly verify the actual chainid (which is maintained by itself) of the cross-chain message.
— BlockSec (@BlockSecTeam) September 18, 2022The exploiter first transferred 200 WETH through the Omnibridge of the Gnosis chain. Then, the same transaction was replayed on the PoW chain to get an extra 200 ETHW.
According to the blockchain security firm, the attacker could drain the balance of the contract on the PoW chain.
CertiK further stated that the exploiter has transferred the funds to MEXC.
ETH PoW team says the transaction replay was not on chain levelETH PoW’s official Twitter account has acknowledged the attack stating that it is not a transaction replay on the chain level. Instead, it is due to the call data replay caused by a flaw in the contract.
The team said:
“(We) Had tried every way to contact Omni Bridge yesterday. Bridges need to correctly verify the actual ChainID of the cross-chain messages.”
Meanwhile, a chain-level replay attack is impossible on the ETHPOW chain as the network enforced EIP-155 before the hard fork. This means that transactions on the ETH proof-of-stake chain cannot be re-enacted on the POW chain or Vice versa.
However, the fact that the exploit is not happening on the chain level might not matter much. The PoW fork has only been live for less than 72 hours and experiencing an exploit this early could affect its potential for more adoption.
ETHW sheds 18%According to Peckshield, ETHW shed 12% of its value on the back of the news.
#PeckShieldAlert Seems like @EthereumPow suffered a replay attack. $ETHW has dropped -12%. Be Alerthttps://t.co/wuPLXsaanN pic.twitter.com/OlDgvNehTh
— PeckShieldAlert (@PeckShieldAlert) September 18, 2022In the last 24 hours, the ETHW token dropped by 17.8%. The token has seen its value massively decline by more than 80% within the last two weeks.
ETHW adoption suffered further blows during the week as Grayscale revealed it would be selling its tokens while Poloniex stated it was listing list EthereumFair (ETF) as its core Ethereum PoW token.
For Be[In]Crypto’s latest Bitcoin (BTC) analysis, click here.
The post Ethereum Proof-of-Work Suffers Replay Attack, Price Tanks 18% appeared first on BeInCrypto.
Similar to Notcoin - Blum - Airdrops In 2024