A 51 percent attack is one of the most significant security threats that any cryptocurrency can face. They occur when an attacker—or group of attackers—controls the majority of a coin’s hashing power.
There have been several instances of attacks over the last 18 months, with a significant deluge during a remarkable three-month period in Spring 2018.
Let’s take a look at the recent history of 51 percent attacks.
April 2018: Verge
We had a small hash attack that lasted about 3 hours earlier this morning, it's been cleared up now. We will be implementing even more redundancy checks for things of this nature in the future! $XVG #vergefam
— vergecurrency (@vergecurrency) April 4, 2018
On April 4, a Bitcointalk user revealed that Verge was experiencing a 51 percent attack.
The attack was made possible by a bug in the coin’s code. It allowed the attacker to spoof timestamps, thus meaning new blocks could be created using the same algorithm. A look back at the records shows that the hacker was able to create several new blocks within seconds of each other.
The hack lasted for three hours. Upon competition, the thief had got away with more than 250,000 Verge tokens. They had a value of more than $1 million.
Verge’s developers were eventually forced to create a hard fork of the blockchain.
May 2018: Monacoin
On May 13, Japanese token Monacoin was the victim. It was a small-scale attack, with the eventual damages thought to be around $90,000.
The hack was a “selfish mining attack.” They occur when a hacker successfully mines a block but does not broadcast the new block to other nodes on the network.
If the hacker can be the first to find the next block, they can broadcast the new longest (previously secret) chain, and invalidate any blocks discovered by other miners.
In the case of the Monacoin attack, the perpetrator tried to send the tokens outside Japan to Livecoin. There, he could swap them for other altcoins before he revealed his secret chain.
After the event, it emerged that the hacker controlled as much as 57 percent of Monacoin’s hashing power during the attack. Experts believe the unknown attacker had been trying to exploit a weakness in Monacoin’s difficulty for more than a year and a half.
May 2018: Verge
In the same week as the Monacoin hack, Verge was the victim for the second time in a month. The hacker deployed a modified version of the previous attack.
Two algorithms were used. They allowed the hacker to fork the main Verge blockchain and create 25 new blocks every second.
Once the dust settled, 35 million XVG ($1.8 million) had been stolen.
Note: Read our coverage of other cryptocurrency hacks to learn about other attack vectors.
May 2018: Bitcoin Gold
As it turned out, the increased activity in 51 percent attacks during the early spring was all a precursor for the big one.
On May 18, Bitcoin Gold suffered a 51 percent attack. It happened barely six months after its high-profile launch as one of the many Bitcoin forks. The attack followed swiftly on the heels of a DDoS attack as problems mounted up for the fledgling coin.
News of the hack surfaced when the coin’s Communication Director, Edward Iskra, wrote a blog post to alert the community on the Bitcoin Gold’s official forum. He urged exchanges to increase the number of necessary confirmations for a transaction.
The final fraudulent transaction was seen on May 19.
During the 51 percent attack, the hacker stole 388,000 BTG. The lost tokens had a dollar value of about $18 million.
The Bitcoin Gold 51 percent attack remains the largest to date.
May 2018: Litecoin Cash
51% attack on LCC, wds/deps turned off. Awaiting update from devs.
— Yobit.Net (@YobitExchange) May 31, 2018
The attack on Litecoin Cash occurred on May 30. Like Bitcoin Gold, the token had only existed for a matter of months before being targeted. Russian exchange YoBit was the first to break the news.
Due to the coin’s small size, the financial cost was much less significant than the other hacks on this list.
In the midst of the other high-profile attacks, the Litecoin Cash hack didn’t start gaining headlines until mid-June.
June 2018: ZenCash
The spate of 51 attacks over the Spring ended with ZenCash on June 3.
The hacker was able to double-spend two large transactions—for 13,000 and 6,600 ZEN—in an attack that lasted for four hours.
According to reports, the hacker was able to reorganize the blockchain multiple times. The most substantial rollback saw 38 blocks reversed.
The stolen ZEN had a value of $550,000. Estimates suggest it cost the attacker around $30,000 to perform the hack.
January 2019: Ethereum Classic
The 51 percent attack against Ethereum Classic in early January 2019 was the most high-profile attack since the previous summer.
Coinbase was among the first to spot the early signs of the attack. On the evening of January 5, the exchange noticed “repeated deep reorganizations of the Ethereum Classic blockchain.”
The company suspended Ethereum Classic on its systems while its engineers worked to investigate further. By Sunday night, Coinbase had found eight instances of double-spending.
It made the findings public on the morning of January 7. At almost exactly the same time, Chinese firm SlowMist also revealed it had found evidence of an attack.
By the end of the day, Coinbase had found a further seven examples, taking the number of double-spending instances to 15. In total, 219,500 tokens were stolen; they were worth $1.1 million.
In a strange final twist, the hacker(s) returned $100,000 to crypto exchange Gate.io a few days later. There is no known motive.
Learn More About 51 Percent Attacks
Beyond the financial costs, 51 percent attacks have profound implications for people’s trust in blockchains. One of the industry’s key selling points is a blockchain’s immutability. Without the guaranteed immutability, a coin will struggle to survive.
If you’d like to learn more, read our explanation of how 51 percent attacks work.