China-based security firm SlowMist has claimed that it has enough evidence to locate the culprit behind recent chain attacks on ethereum classic.
In a Medium article published Wednesday, SlowMist summarized the bulk of their analysis on ethereum classic, specifying the three wallet addresses and four transaction hashes that launched the two-day block reorganization (reorg) attacks on the network. The company also corroborated information released by cryptocurrency exchange Coinbase.
Both SlowMist and Coinbase said double spends have occurred as a result of block reorgs, with SlowMist contending that a total of seven transactions were rolled back from the network and 54,200 ETC (almost $270,000) spent a second time.
Affirming that these attacks to have started as early as Saturday 19:58 UTC, the company highlights that similar attacks on the network have now stopped, with the last documented one occurring Tuesday at 4:30 UTC.
SlowMist further said that it is still seeking to find out where exactly the identified addresses are located, which the firm said can be deduced “if the relevant exchanges are willing to assist.”
Speaking to CoinDesk, SlowMist identified Gate.io, Bitrue and Binance as the exchanges they’re looking to work with in order to locate the attacker.
When asked to elaborate on the exact information beyond geography SlowMist is looking to identify about those behind the attack, the team responded in an email they could not disclose such information, calling it “a secret.”
Ethereum classic developers are working closely with the SlowMist team to identify the origin of these attacks and will be meeting today during a private Discord call at 5 p.m. UTC to discuss actionable items moving forward.
In advance of this meeting, ethereum classic developers tweeted a summary of current priorities for the community, emphasizing that “we will not reorg the chain or revert the events on chain under any circumstance.”
Map image via Shutterstock
Wolfie Zhao contributed reporting.