Bither CEO: Bitclub is Performing Segwit-related Attack Against Network

Wen Hao, CEO of Bither wallet, a Chinese mobile bitcoin wallet, said early Friday morning that the Bitclub pool (which has 4% of the total hashrate) launched a transaction malleability attack on the Bitcoin network during the night. 

The attacks were evident in blocks mined by the pool in question; more specifically in block 456545 and 456552 – which led to a halt in’s block monitoring updates. Some other blockchain monitors were still showing the correct block height (the latest blocks mined). Bitmain’s director of engineering also captured evidence of the ongoing attack, as witnessed in chinese chat rooms on the subject.

Bither CEO: Bitclub is Performing Segwit-related Attack Against Network
Transaction malleability attack announced in Chinese chat room.

New Way To “Vote”?

Some online chatter regarding the issue revolved around the idea that the attack is political; trying to influence developers and stakeholders to come to a solution to the so-called malleability issue (which Segwit is intended to solve).

Some even said it was a new way to signal preference for the proposed Segwit update. Bither’s Hao sent this message out in chat rooms and later also posted it on Reddit, and Medium;

“On March 10th at around 12:00 a user reported a double spend to us. We thought it was occasional. But when we looked into details, we found out it is a very well prepared attack by a pool on the bitcoin network.

BitClub (4%) was doing malleability attack. Without changing the content of the transaction, they managed to alter txid, by exploiting the symmetry characteristic of elliptic curves.

In the two blocks they mined, 456545 and 456552, they changed all the txid inside the blocks. In other words, they “double spent” all transactions., the most widely used blockchain explorer, is basically crashed during the attack event. Since block 456545, no longer received any new blocks.”

Bither CEO: Bitclub is Performing Segwit-related Attack Against Network

Updates To Follow

It’s still not exactly clear how the attack was performed. Investigations are under way, and some report the attack is still active., the most widely used blockchain explorer, basically crashed during the attack event. After block 456545, was no longer able to update on new blocks.

At this point in time, it seems unlikely this was unintentional, according to investigators. The “attack” involved not only extracting the signature, but also changing R to R’ in the elliptic curve cryptography.

Therefore, it is reasonable to assume the event was planned, prepared and programmed to achieve the intended outcome.

Later, another block (no. 456574) was also reported to contain “malleability attack” transactions.

BREAKING: Bither CEO: Bitclub is Performing Segwit-related Attack Against Network

Right now the Bitcoin community is discussing the subject heavily across forums and social media. Bitclub has not yet responded to the malleability attack accusations. will be following this story closely and will inform our readers of any new information that turns up.

What do you think about the malleability attacks? Let us know in the comments below.

Like this post? Tip me with bitcoin!

My Bitcoin adress below:

My litecoin adress:

My xapo adress:


If you enjoyed reading this post, please consider tipping me using Bitcoin. Each post gets its own unique Bitcoin address so by tipping you’re not only making my continued efforts possible but telling me what you liked.


Tags: , , ,

Categories: blockchain, Mining, NEWS, Security


Subscribe to our RSS feed and social profiles to receive updates.

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: