What is a 51% attack?
51% attack happens when a single entity controls more than half of a blockchain's mining power. This gives them the ability to manipulate transactions, block new confirmations, and rewrite the blockchain history. However, they can't steal coins from wallets or create new coins beyond protocol rules.
Why small cryptocurrencies are easy targets
Bitcoin's network hash rate exceeds 500 exahashes per second. That's so massive that renting enough power to attack it would cost millions. But look at smaller coins. In 2020, Bitcoin Gold's hash rate was just 1.5 terahashes per second. Renting control over that network cost attackers only $10,000. The math is simple: lower hash rate means cheaper attacks. Small cryptocurrencies often have fewer miners, making it easier for bad actors to gather majority control. When a coin's market cap is under $10 million, the cost to attack it is often lower than the potential gains from double-spending.
Real-world attacks that changed crypto
Bitcoin Gold's May 2018 attack stands out. Attackers double-spent $18 million worth of coins by reversing transactions on the blockchain. The network's low hash rate made it possible. Within weeks, major exchanges like Binance and Huobi delisted Bitcoin Gold. This wasn't a one-time event. They got hit again in 2020, losing another $1 million. Ethereum Classic suffered multiple 51% attacks between 2019 and 2020. In one incident, attackers stole over $5 million by double-spending. The attacks caused exchanges to pull the coin from trading pairs, destroying liquidity. Feathercoin and Krypton also fell victim to similar attacks when their networks were too small to resist.
How attackers pull off these heists
There are three main ways attackers get enough mining power. First, they rent hashpower from cloud services like NiceHash. For a small coin, this costs pennies on the dollar. Second, they coordinate multiple mining pools to work together. Third, they buy enough hardware to dominate the network. But the cheapest method is renting. In 2023, Monero faced an attack where the Qubic mining pool seized control of the network. Despite Monero's RandomX algorithm designed to resist ASICs, attackers used rented CPU power to overwhelm the network. This caused massive blockchain reorganizations and froze transactions for hours.
The economics of 51% attacks
MIT researchers found something shocking: attacking smaller blockchains can be profitable. Their models show attackers break even or even profit when the cost of renting hashpower is less than the value of double-spent coins. For example, if an attacker steals $1 million worth of coins and the attack costs $50,000, they net $950,000. This contradicts Satoshi Nakamoto's original assumption that 51% attacks would be too expensive. Today, with cloud mining services available, the barrier to entry is shockingly low. A single person with $20,000 can potentially attack dozens of small cryptocurrencies.
How to protect your coins
Security experts recommend several defenses. First, require more confirmations for large transactions. Bitcoin Gold now requires 100 confirmations instead of 6 for exchanges. Second, implement checkpointing systems that prevent deep reorganizations. Third, diversify mining pools to avoid concentration. Fourth, monitor network activity for unusual hash rate spikes. However, these measures have trade-offs. Checkpointing introduces centralization risks. More confirmations slow down transactions. There's no perfect solution-just trade-offs between security and usability.
The future of 51% attacks
Attack-as-a-service platforms are emerging. For as little as $5,000, anyone can hire a service to attack a small cryptocurrency. Cloud mining resources are getting cheaper and more accessible. Industry analysts predict that every cryptocurrency under $10 million market cap will face repeated attacks in the coming years. Only networks with strong community vigilance and substantial hash rate distribution will survive. Bitcoin and Ethereum remain safe due to their massive networks, but smaller coins must adapt quickly or face extinction.
What exactly happens during a 51% attack?
During a 51% attack, the attacker controls more than half of the network's mining power. This lets them reverse transactions, block new confirmations, and create a longer chain to overwrite the existing blockchain. However, they can't steal coins from wallets or create new coins. The attack primarily enables double-spending and transaction censorship.
Can a 51% attack steal coins from my wallet?
No. Attackers can't access your private keys or directly steal coins from your wallet. Instead, they manipulate transactions on the blockchain. For example, they might send coins to an exchange, then reverse that transaction after the exchange credits them, effectively double-spending the same coins. Your wallet security remains intact, but transactions involving your coins could be reversed.
How long does a 51% attack last?
The duration varies. Some attacks last just a few hours, while others persist for days. Attackers usually stop once they've double-spent enough coins or when the network detects the attack. For example, Bitcoin Gold's 2018 attack lasted about 12 hours before exchanges intervened. However, some attacks like Ethereum Classic's in 2019 continued for weeks before the community implemented stronger defenses.
What should I do if my cryptocurrency gets attacked?
If your coin suffers a 51% attack, immediately stop trading or transferring coins. Check if exchanges have delisted the coin or frozen withdrawals. Monitor official announcements from the project team. Most importantly, avoid sending coins until the network stabilizes and confirmations are restored. If you hold coins, consider moving them to a secure wallet offline. For exchanges, they may temporarily halt deposits and withdrawals to prevent further losses.
Are there any cryptocurrencies immune to 51% attacks?
No cryptocurrency is completely immune. However, networks with extremely high hash rates like Bitcoin and Ethereum are practically immune because the cost to attack them exceeds the potential gains. Bitcoin's attack cost is estimated at over $100 billion, making it economically unfeasible. Smaller coins with less than $10 million market cap remain vulnerable. The key is to choose coins with strong community support and high hash rate distribution.