ETHPoW Succumbs to Replay Attack, Drops More Than 38%
2022.09.19 06:37
ETHPoW Succumbs to Replay Attack, Drops More Than 38%
- Hackers exploited the Gnosis Chain’s Omni Bridge and stole 200 ETHW via replay attack on Proof-of-Work.
- ETHW clarified that the assault wasn’t chain-level.
- ETHW token down more than 38% in 24 hours.
On Sunday, Blockchain Security Firm, BlockSec, detected an exploit in which an attacker stole 200 ETHW tokens from the Ethereum Proof-of-Work blockchain via replay attack and taking advantage of the Gnosis Chain’s Omni Bridge. At press time, the price of ETHW has dropped more than 38% over the past 24 hours, trading slightly above $5.
1/ Alert | BlockSec detected that exploiters are replaying the message (calldata) of the PoS chain on @EthereumPow. The root cause of the exploitation is that the bridge doesn’t correctly verify the actual chainid (which is maintained by itself) of the cross-chain message.
— BlockSec (@BlockSecTeam) September 18, 2022
It all started with a transfer of 200 ETHW across the Gnosis chain’s Omni Bridge, the exploiter’s initial target. The same transaction was then repeated on the PoW chain to accumulate another 200 ETHW.
Meanwhile, Blockchain Security Firm, CertiK, said that the exploiter had already transferred the funds to the MEXC exchange.
The ETHPoW developers have commented on the situation, saying that the attack took advantage of a flaw in the contracts used by the bridge and not in their own blockchain. The development team also mentioned that they have been trying to contact Omni Bridge since Saturday to let them know about the potential risk.
Omni Bridge hasn’t made any statements at the time of writing.
The BlockSec team identified the underlying cause of the issue as the Omni Bridge on the PoW chain incorrectly verifying the real chainID of the cross-chain message. Likewise, there may be a possibility that other protocols have the same problem.
To this end, the blockchain security firm emphasized the possibility that an attacker may steal a large quantity of ETHW (and other tokens controlled by the bridge on the PoW chain) and then sell them on exchanges. The increased liquidity from this may affect the price of ETHW.
The post ETHPoW Succumbs to Replay Attack, Drops More Than 38% appeared first on Coin Edition.
See original on CoinEdition
