First hack of Ethereum hardfork leads to loss of 200 ETHW

First hack of Ethereum hardfork leads to loss of 200 ETHW

Hacker took advantage of OmniBridge protocol vulnerability and withdrew funds in new tokens

The first hack of a smart contract on the new Ethereum PoW network brought the attacker 200 ETHW (about $1,000). The theft was made possible because the OmniBridge protocol (a bridge for transferring funds between different blockchains) in the PoW network received a second message about a transaction already made in the Ethereum network. This was reported on Twitter by cybersecurity company BlockSec.


On the morning of September 15, The Merge update occurred on the Ethereum core network, which switched the altcoin from Proof-of-Work to Proof-of-Stake (PoS) protocol. A few hours later, the Ethereum PoW (old version) blockchain hardfork was launched to support mining. The token of the old version of the network was designated ETHW.


On September 18, an attacker transferred 200 wrapped Ethereums (WETH) via the OmniBridge protocol of the Ethereum blockchain to the Gnosis network. He then repeated the same transaction message on the new PoW blockchain to get 200 ETHW from a copy of the OmniBridge smart contract on that network, and received these funds.


Analysts explained that the attack was made possible by a vulnerability in the OmniBridge smart contract, which uses the wrong unique blockchain identifier. The OmniBridge smart contract mixed up the networks and mistakenly paid out funds to the fraudster.


The Ethereum PoW network itself was not hacked; the stolen funds belonged to the OmniBridge protocol. However, analysts warned that similar attacks using the PoW blockchain and ETHW tokens could happen to other interconnect bridges.


ETHW has fallen sharply in price on centralized exchanges since the launch of the hardfork, but on Friday, September 16, its price rose to 16,400 USDT (about $16,400) on the old version of the network on decentralized exchanges. This was due to the desire of owners of various bonus PoW versions of coins accumulated after the "Merger" to take them out of the network of the new Ethereum hardfork.

Other news

Poloniex exchange names terms of withdrawal after hack
Reuters claimed terrorists are refocusing on crypto transfers on the Tron network
The filmmaker spent $4M on Dogecoin to shoot and made $27M
One of the largest Bitcoin mining pools, f2pool, has started blocking transactions from sanctioned wallets.
Who is Richard Teng, the individual who took over the position of head at Binance after Changpeng Zhao?
Coinbase calls Binance capable of paying fine without selling assets