Imagine walking into a store, buying a coffee with cash, and then somehow convincing the cashier that you never handed over the money. You keep the coffee, you keep your cash, and the store loses both. This isn’t magic; it’s double spending, and in the world of cryptocurrency, it’s the primary goal of a 51% attack.
For years, many people believed that blockchain technology was unhackable by design. Satoshi Nakamoto, the creator of Bitcoin, assumed that acquiring half of the network’s computing power would be impossible due to the sheer scale required. But as the crypto landscape exploded with thousands of alternative coins (altcoins), this theoretical risk became a very real, documented nightmare for several projects. Today, we aren't talking about hypothetical scenarios. We are looking at the actual moments when hackers seized control of entire networks, rewrote history, and stole millions.
How a 51% Attack Actually Works
To understand why these attacks happen, you first need to grasp how Proof-of-Work (PoW) blockchains maintain order. In PoW systems like Bitcoin or Ethereum Classic, miners compete to solve complex mathematical puzzles. The first miner to solve the puzzle gets to add the next block of transactions to the chain and is rewarded with new coins. The rule is simple: the longest valid chain is the true one.
A 51% attack occurs when a single entity or group gains control of more than 50% of the network’s total mining hash rate. With this majority, they don’t just mine faster; they dictate reality. Here is the step-by-step process an attacker follows:
- Gain Control: The attacker rents or buys enough mining hardware to outpace all other honest miners combined.
- Create a Secret Chain: They start mining their own version of the blockchain privately. This secret chain excludes certain transactions-specifically, the ones where they deposited funds into an exchange.
- Execute the Transaction: Simultaneously, they send those same coins to a public exchange, sell them for stablecoins or fiat currency, and withdraw the cash.
- Release the Attack: Once the exchange confirms the deposit and releases the funds, the attacker reveals their secret, longer chain. Because it is longer, the network accepts it as the truth.
- Double Spend Complete: The original deposit transaction disappears from the ledger. The attacker still has their original coins, plus the cash they withdrew. The exchange is left holding the bag.
This mechanism allows attackers to reverse confirmed transactions, censor legitimate users, and effectively halt the network. It is not a bug in the code; it is a flaw in the economic distribution of power.
Ethereum Classic: The Repeated Victim
If there is a poster child for 51% attacks, it is Ethereum Classic (ETC). Ethereum Classic is a decentralized platform that emerged from a hard fork of the original Ethereum blockchain in 2016 following the DAO hack. ETC maintains the original Ethereum ledger but operates on a Proof-of-Work consensus mechanism, making it vulnerable to hash rate dominance.
In early 2019, Ethereum Classic suffered its first major 51% attack. A malicious actor controlled more than half of the network’s nodes. Coinbase, one of the largest cryptocurrency exchanges, detected suspicious activity in real-time. Their monitoring systems identified unusual transaction patterns indicative of blockchain reorganization attempts. To protect user funds, Coinbase immediately froze all trading of Ethereum Classic. This incident highlighted a critical point: even if the blockchain itself is compromised, centralized exchanges can act as a defensive layer by halting withdrawals.
However, the attackers didn’t stop there. In August 2020, Ethereum Classic faced three separate 51% attacks within a single month. The financial losses reached millions of dollars. The severity of these repeated assaults was so damaging that some exchanges publicly discussed delisting ETC entirely. These events proved that without sufficient mining diversity, a network remains perpetually exposed, regardless of its historical significance or community support.
Bitcoin Gold: A Textbook Case Study
Bitcoin Gold (BTG) is a cryptocurrency created in late 2017 as a fork of Bitcoin, designed to make mining more accessible using graphics processing units (GPUs) rather than specialized ASIC chips. When BTG launched, it aimed to decentralize mining away from industrial farms. Unfortunately, this ambition made it a prime target.
Bitcoin Gold suffered multiple successful 51% attacks shortly after its inception. The vulnerability stemmed from its relatively small network hash rate compared to Bitcoin’s massive infrastructure. Attackers exploited a phenomenon known as "hash rate switching." Miners operating on larger networks could temporarily redirect their computational power to Bitcoin Gold because it used a compatible mining algorithm. By pooling resources from larger coins, attackers overwhelmed BTG’s native miners.
The MIT Digital Currency Initiative cited Bitcoin Gold as a textbook example of how smaller cryptocurrencies fall prey to this threat. They noted that only a small fraction of miners from a large coin like Bitcoin need to switch to a smaller coin to achieve 51% control. For Bitcoin Gold, the cost of renting this hash power was significantly lower than the potential profit from double-spending, creating a lucrative business model for cybercriminals.
| Cryptocurrency | Consensus Mechanism | Estimated Cost to Attack (Hourly) | Vulnerability Level |
|---|---|---|---|
| Bitcoin (BTC) | Proof-of-Work | Millions of USD | Extremely Low |
| Litecoin (LTC) | Proof-of-Work | Thousands of USD | Moderate |
| Ethereum Classic (ETC) | Proof-of-Work | Hundreds of USD | High |
| Bitcoin Gold (BTG) | Proof-of-Work | Hundreds of USD | High |
The Economics of Renting Hash Power
You might assume that launching a 51% attack requires billions of dollars in custom-built mining rigs. While that is true for Bitcoin, it is no longer true for many altcoins. The rise of "mining-as-a-service" platforms has democratized access to computational power, inadvertently lowering the barrier to entry for criminals.
In July 2025, blockchain security expert Karsten Nohl analyzed the current economics of these attacks. He revealed that attacking Bitcoin would require controlling approximately 204 exahashes per second (EH/s). At current market rates, renting this capacity costs several million dollars per hour. Given Bitcoin’s market cap and liquidity, such an attack would likely crash the price before any profit could be realized, making it economically irrational.
Contrast this with Litecoin or smaller coins. Despite Litecoin having a multi-billion dollar market capitalization, Nohl’s analysis showed it could be attacked for only a few thousand dollars by amassing more computational resources than the existing chain. This disconnect between market value and network security is dangerous. Investors often equate high market cap with safety, but in Proof-of-Work systems, safety is determined solely by hash rate distribution. If a coin has low mining competition, its price tag offers no protection against takeover.
Beyond Theft: Market Manipulation and DoS Attacks
While double-spending is the most direct form of theft, 51% attacks serve other malicious purposes. Attackers can use their control to manipulate market sentiment. By launching an attack, they create chaos and uncertainty. Traders panic, selling off their holdings, which drives the price down. Sophisticated attackers often establish short positions before the attack begins, profiting from the price drop caused by their own sabotage.
Additionally, attackers can execute Denial of Service (DoS) attacks. By refusing to include legitimate transactions in their blocks, they can freeze the network. Users cannot send or receive funds. Honest miners find their blocks constantly orphaned (rejected) because the attacker’s chain grows faster. This effectively shuts down the blockchain, rendering it useless until the attacker decides to stop. The Cloud Security Alliance emphasized in a 2020 report that these are not "someday maybe" threats but active, "here and now" risks facing distributed ledger technologies.
Defenses and Future Outlook
So, how do networks protect themselves? For giants like Bitcoin, the defense is economic deterrence. The cost of attack exceeds the potential reward. Furthermore, Bitcoin has a vast number of independent nodes and a highly vigilant community. Any sudden shift in hash rate or mining pool concentration triggers immediate alerts. Emergency protocol upgrades can be deployed if necessary.
For smaller networks, defenses are weaker. Exchanges have adapted by increasing confirmation requirements. Instead of crediting a deposit after one block confirmation, they may wait for ten or twenty confirmations. This makes double-spending harder because the attacker must maintain their secret chain longer, increasing the cost and risk of detection. However, this slows down user experience and does not prevent the attack entirely.
Some networks are moving away from Proof-of-Work to Proof-of-Stake (PoS) or hybrid models to eliminate hash rate-based vulnerabilities. In PoS, validators stake their own coins to secure the network, making an attack economically self-destructive since the attacker would devalue their own holdings. Until smaller PoW chains migrate or increase their mining diversity, they remain sitting ducks for anyone willing to rent a few terahashes of power.
Can Bitcoin suffer a 51% attack?
Theoretically, yes, but practically, it is nearly impossible. Bitcoin’s hash rate is measured in exahashes per second. An attacker would need to control over 204 EH/s, requiring hundreds of millions of dollars in hardware and electricity costs. The expense far outweighs any potential profit from double-spending, serving as a strong economic deterrent.
What happened during the Ethereum Classic 51% attack in 2020?
In August 2020, Ethereum Classic experienced three separate 51% attacks within one month. Attackers reversed transactions totaling millions of dollars. The repeated breaches severely damaged trust in the network, leading some exchanges to consider delisting the asset. It highlighted the ongoing vulnerability of low-hash-rate Proof-of-Work chains.
How much does it cost to launch a 51% attack?
The cost varies drastically by network. As of 2025, attacking Bitcoin costs millions of dollars per hour. However, attacking smaller coins like Ethereum Classic or Bitcoin Gold can cost as little as a few hundred to a few thousand dollars when renting hash power from mining pools. This affordability makes smaller altcoins frequent targets.
Why did Bitcoin Gold get hacked so easily?
Bitcoin Gold used a mining algorithm similar to Bitcoin but had a much smaller dedicated mining community. Attackers were able to redirect hash power from larger networks to overwhelm Bitcoin Gold’s limited defenses. This demonstrated that sharing an algorithm with a secure coin does not guarantee security if your specific network lacks sufficient independent miners.
Can exchanges prevent 51% attacks?
Exchanges cannot prevent the attack on the blockchain itself, but they can mitigate the damage. By implementing strict confirmation requirements and monitoring for unusual reorganization patterns, exchanges can freeze funds before attackers successfully withdraw stolen assets. Coinbase successfully used this method during the 2019 Ethereum Classic attack.
