A method by which bad actors can potentially reverse or erase existing blockchain transactions by controlling more than 50% of the processing power in Proof-of-Work cryptocurrency
Over 1.8 million professionals use CFI to learn accounting, financial analysis, modeling and more. Start with a free account to explore 20+ always-free courses and hundreds of finance templates and cheat sheets.
Cryptocurrency has made its mark on the world and appears to be here to stay. According to Kat Tetrina from Forbes Advisor, there are currently over 22,000 crypto projects[1], and their total market value sits around 1 trillion dollars. Perhaps you have heard of some of the top coins like Bitcoin, Ethereum, and Tether. Their values have fluctuated over the years; nevertheless, people continue to adopt and invest in the digital market.
The interest in cryptocurrencies has also gathered the attention of several bad actors. From rug pull schemes to phishing attempts, it feels like there is a new scam every day. In fact, since 2021, it is estimated that over 46,000 individuals have been scammed, and over 1 billion dollars[2] has been lost collectively in crypto-related scams.
What’s more, these criminals have begun targeting coins themselves rather than just individuals. One tactic is the 51% attack, and this article will dive into how criminals employ the strategy. But first, to understand how these assaults work, it is crucial to understand how cryptocurrencies operate.
Key Highlights
51% attacks manipulate how blockchains function to gather control over the ledger of a digital coin that uses Proof-of-Work.
Double-spending can result from 51% attacks, leading to bad actors gaining more assets and legitimate buyers losing out on their purchases.
Proof-of-stake coins use staking and randomization to prevent users from taking advantage of this vulnerability.
How do 51% Attacks Work?
Blockchain technology provides security; however, bad actors have found ways to exploit its vulnerabilities. Blockchains use a series of nodes to host their information, so a single node or group of nodes could control the majority of the nodes for a specific cryptocurrency, generally smaller cap cryptos. In a 51% attack, the individual or group performing the attack exploits the proof-of-work[3] (PoW) element that blockchains use to verify information.
Since the attacker controls the majority of the processing power, they are able to relay new information to all nodes. And since they control the majority of the nodes, the hackers can then validate the false information, then that piece is added to the database.
In some instances, prior blocks could be altered. For cryptocurrencies, blocks are typically transactions, and these transactions are used to determine how much of a coin individuals own. As you can surmise, the ability to alter the ledger by adding new blocks to the database could allow bad actors to add more funds to their accounts.
What are the Ramifications of 51% Attacks?
Before the discovery of an attack, scammers can wreak havoc. As mentioned, blocks can be added to the database, which can result in something known as double-spending. This is where the same tender is spent multiple times. If confirmed by enough nodes, these fake transactions can become irreversible, and those with the authentic transaction are left empty-handed. After a successful strike has been discovered, a coin’s reputation is sure to plummet, and the scammers, as well as reputable investors, may pull out, causing the coin’s value to crash.
Bad actors can also reverse or even delete existing transactions on the blockchain if they are successful in a 51% attack. Additionally, they can overload the network and cause a Denial of Service (DoS) attack where the hackers bog down the cryptocurrency so much that it is inaccessible to legitimate users.
51% Attack Example
In early 2019, Ethereum Classic became the victim of this style of assault when more than half of the nodes were taken up by a single actor. Coinbase, which is one of the biggest crypto trading platforms[4]in the world, was able to pick up on the suspicious activity and trading of the asset was frozen. Although Ethereum was hurt by this[5], it did enlighten many coin projects to this easy exploitation.
51% Attack Safeguards
In the same way that businesses have to protect themselves against fraud[6] when it comes to online payments, crypto coins must protect themselves from these attacks. Luckily, there is a built-in safeguard. Coins like Bitcoin have a vast number of nodes, and each Bitcoin has a high value, making it an extremely expensive venture to try and obtain more than half of the available nodes.
Buying is not the only way users can gather Bitcoins. They can also receive them in exchange for goods and services, or they can be mined. Mining is the process of adding new coins to the ledger, and although this may not require upfront funds, it does require enormous amounts of electricity, which can be costly. Paying utility bills can be financially taxing as well as a burden on the environment. Unfortunately, many smaller coins are not as expensive as Bitcoin and therefore do not have this protection.
Another method to protect against these attacks is to use proof-of-stake (PoS). Cryptocurrencies that use the proof-of-stake method require nodes to put their assets up for stake for a chance to perform as the node used to validate a transaction. In exchange, nodes that help validate have the opportunity to earn coins. Furthermore, those who fail to confirm may lose their stacked coin. The chance to earn coins, along with the ability to lose them, encourages users to act accordingly.
Another aspect that protects cryptocurrencies against 51% attacks is that nodes are chosen randomly. Even if one group or individual owns the majority of coins available, they may not all be chosen to validate incoming transactions. Ethereum, Binance coin, Solana, and Cardano are some of the cryptocurrencies that use proof-of-stake.
Many scams, whether they are related to online shopping or investing in cryptocurrency, have similar tell-tale signs. A few of the top signs of scams[7] include urgency, something seeming too good to be true, poor reputation, and of course, seeking personal information. Scammers could use phishing to gain control of your account and use it to gain the majority of the nodes accessible.
Wrapping Up
Popular and expensive coins have the security of an expensive financial cost to scammers, but even Ethereum became a victim and suffered from it. This incident has led to several coin projects moving to proof-of-stake[8] as a safeguard.
Take your learning and productivity to the next level with our Premium Templates.
Upgrading to a paid membership gives you access to our extensive collection of plug-and-play Templates designed to power your performance—as well as CFI's full course catalog and accredited Certification Programs.
Gain unlimited access to more than 250 productivity Templates, CFI's full course catalog and accredited Certification Programs, hundreds of resources, expert reviews and support, the chance to work with real-world finance and research tools, and more.