On Saturday, the Coinbase security team noticed something troubling. Someone had made a deep reorganization in the distributed ledger for Ethereum Classic, a smaller spinoff from the Ethereum coin. The attackers had pulled off the cryptocurrency equivalent of writing a bad check. The initial fraud reported by Coinbase on Monday was $460,000, but in the days that followed, the total amount rose to over $1 million, spread over 20 different transactions.
Coinbase told The Verge that no wallets controlled by the company or its customers were involved. The company’s security team only detected the attack because, as security engineer Mark Nesbitt told The Verge, “whether or not it was directed at us, it could have been.” The company halted...