ZenCash Suffers 51% Attack, Loses $550,000 in Double Spend Trades

June 4, 2018 by Cameron Bishop

In the past two months, a few of the blockchain networks have suffered a 51% attack. These include Bitcoin Gold (BTG), Verge (XVG), and MonaCoin (MONA), among others. During the weekend, ZenCash (ZEN), a platform designed for secure communications and private economic activity, saw its network suffer a 51% attack on June 2 at approximately 10.43 pm EDT. The attack resulted in a loss of about $550,000 worth Zen crypto tokens.

The platform claims to use state of the art cryptography and zero-knowledge proofs, which enable fully private p2p communication with Zen.

The Zen team has announced that it had taken necessary steps to considerably increase the difficulty to deploy similar attacks on the network in the future. The team became aware of the attack when a pool operator sent an alert message to them. The team immediately evaluated hash power distribution. At the same time, all exchanges which have listed ZenCash were advised to increase confirmation times. The investigation revealed that the suspected operation was a double spend. ZenCash team is conducting additional investigation with the affected exchange.

Regarding the 51% attack, ZenCash team has stated

“a 51% attack or double spend is a major risk for all distributed, public blockchains. All Equihash-based networks are exposed to an influx of new Equihash power and therefore the best short-term mitigation strategy is to recommend that all exchanges increase their minimum required confirmations to at least 100.”

When the attack was carried out Zen network hash rate was 58 MSol/s (Sol/s in Zcash is exactly the same as measuring TH/s in Bitcoin). ZenCash team believes the attacker has a private mining network big enough to conduct such an attack or have access to rental hash power. As the net hash rate is derived from the last mined block, live hash rate statistics are not available.

Furthermore, ZenCash has identified the suspect pool address to be znkMXdwwxvPp9jNoSjukAbBHjCShQ8ZaLib. The hacker caused multiple reorganizations of blockchain between blocks 318165 and 318275. The longest reorganization resulted in reverting 38 blocks. The hacker executed double-spend in block 318204 and 318234. The first double spend was 6600 Zen, while the second double spend was 13,234.9 Zen. According to the Zen team, the ZenCash cryptos were further deposited in address zneDDN3aNebJUnAJ9DoQFys7ZuCKBNRQ115.

It seems a hacker is constantly on a search for vulnerabilities in the blockchain networks. One good thing the hacker does is that he has busted the myth that decentralized systems are invincible from attacks. Ultimately, it all boils down to the quality of coding. A badly coded blockchain network will definitely come under a 51% attack. We may see more of these kind of attacks in the future as long as the value of cryptocurrencies is attractive enough for a hacker to initiate an attack.