Anonymous cryptocurrency Firo — formerly known as Zcoin— is the latest Proof-of-Work coin to suffer a 51% attack.

Tweeting on Wednesday, Firo revealed that the protocol had come under a 51% attack and advised holders to pause all transactions until the network returns to a normal state.

The attack reportedly came to light when users reported that previously confirmed transactions had become unconfirmed. This was apparently the result of a blockchain reorganization attack initiated by the attacker.

According to Binance CEO Changpeng Zhao, the blockchain reorg resulted in a rollback of 306 blocks. Details of the attack shared by team members on the project’s Telegram group showed the attacked “orphaned” confirmed transactions from the previous day.

At publishing time, the Firo team says the attack has stopped. Commenting on the economic cost of the attack, Firo project steward Reuben Yap told Cointelegraph:

“Exchanges are the ones at a loss as the attacker had deposited funds which have now been reversed because of the 51% attack. We are still working with exchanges to resolve the matter. From what we know at the moment both Binance and Indodax were affected.”

Firo stated that the attack was not due to a coding error. “We frequently assess to see what kind of hash rate is easily rentable on MTP and it never approached something that would have been able to pull off an attack on this scale,” Yap said.

For the Firo team, the attack was only possible because the project was yet to deploy Chainlocks on the mainnet. A Chainlock is a secondary validation layer that reportedly mitigates a 51% attack.

According to Yap, with Chainlocks activated, an attacker would need to control at least half of all Firo master nodes in addition to the usual 51% mining hash rate dominance.

Firo has reportedly completed the testing protocols for Chainlocks and is primed for its full deployment in the next few weeks. When integrated, Chainlocks will be the latest protocol feature added to the project after activating the Lelantus upgrade.

The timing of the attack was suspicious, according to Yap, who said that Firo is investigating possible motives. “To pull a double spend of this magnitude, the attacker had also acquired significant amounts of Firo legitimately,” he said, adding:

“The timing of the attack is also weird given that MTP has been live on our chain for a long time and several months have passed since first halving. To attack us when we are so close to deploying chain locks seems strange.”

On the price side, Firo (FIRO) is down almost 12% in the last 24 hours. This decline has interrupted a positive 14-day trading period for FIRO but the privacy coin is still up over 73% since the start of 2021.

Proof-of-Work blockchains with significantly lower hash rates have fallen victim to 51% attacks on several occasions. Back in 2020, Ethereum Classic suffered multiple 51% attacks with one such incident leading to the loss of about $5.6 million worth of ETC. Grin, another privacy-focused crypto also suffered a 51% attack in 2020.