POW of Ethereum Suffers Replay Attack

Old Ethereum network sees a price drop of 18%

1/ Alert | BlockSec detected that exploiters are replaying the message (calldata) of the PoS chain on @EthereumPow. The root cause of the exploitation is that the bridge doesn't correctly verify the actual chainid (which is maintained by itself) of the cross-chain message.

— BlockSec (@BlockSecTeam) September 18, 2022

A replay attack is one that involves the capturing of transmitted authentication information followed by subsequent retransmissions of that information with the intent of gaining unauthorized access.A form of the attack is when a cyber criminal eavesdrops on a network’s communication, intercepts it, and then delays or resends that information to misdirect the receiver into do whatever the hacker wants.

Yesterday September 18 the POW or Proof Of Work Ethereum network suffered such an attack. Exploiters replayed a message from the new Proof Of Stake Ethereum chain. The attack was able to be completed due to an exploit that happened due a bridge not being correctly able to verify the actual ChainID of a cross-chain message. This was quickly discovered by BlockSec.

1/ Alert | BlockSec detected that exploiters are replaying the message (calldata) of the PoS chain on @EthereumPow. The root cause of the exploitation is that the bridge doesn't correctly verify the actual chainid (which is maintained by itself) of the cross-chain message.

— BlockSec (@BlockSecTeam) September 18, 2022

20 WETH were transferred through the Omnibridge of the Gnosis chain, the same transaction was then replaye on the POW chain to snag an extra 200 ETHW. There was a report from BlockSec that the attacker had the potential to drain the balance of the POW chain contract. The funds have now been transferred to MEXC as stated by CertiK.

Read Also: Premint Hack sees 300+ NFTs and $400K in Ethereum Stolen

The ETH PoW’s official Twitter replied to the situation in a statement:

“(We) Had tried every way to contact Omni Bridge yesterday. Bridges need to correctly verify the actual ChainID of the cross-chain messages.”

It would seem this was not a chain-level replay attack but such attack is not possible on the ETHPOW chain due to the network being enforced by EIP-555 right before the hard fork.  This translates into transactions of each chain not being able to be re-enacted on either.  This may be a bit of good news but any hack on the network is not, the fork has only been less than a week and exploits are never a good thing. 

This attack saw the ETHW lose 12% of its value right after the news hit.

#PeckShieldAlert Seems like @EthereumPow suffered a replay attack. $ETHW has dropped -12%. Be Alerthttps://t.co/wuPLXsaanN pic.twitter.com/OlDgvNehTh

— PeckShieldAlert (@PeckShieldAlert) September 18, 2022

As of the time of this writing the token saw a drop of 18% and has picked back up a little over 2%.

Read More: Yet another platform loses millions in attack.