Is the blockchain vulnerable? The 51% attack case

In the past year, the cryptocurrencies and the blockchain have made a lot of talk about them, both good and bad.

The lovers of the crypto will have read, to their detriment, many times in the newspapers the following sentence: BTC no, but the blockchain yes.

Oh yes, to date, after 10 years since the birth of the most famous crypto, the bitcoin, there is still a lot of skepticism behind this new technology, difficult to understand, and that many consider it only in a philanthropic way to get rich, so if the price goes down, as a result btc sucks.
Hackers and criminals who use BTC for illicit operations, BTC which is one of the main causes of global warming, Btc that between “x” years will become 0, and so on with many other fake and little in depth news that generate only FUD, to which there is also another accusation, which wants to make us understand the little security of cryptocurrencies: the case that involved more or less famous coin, the 51% attack.




What is the 51% attack?

One attack scenario against the consensus mechanism is called the “51% attack.”

In this scenario a group of miners, controlling a majority (51%) of the total network’s hashing power, collude to attack bitcoin or other crypto. With the ability to mine the majority of the blocks, the attacking miners can cause deliberate “forks” in the blockchain and double-spend transactions or execute denial-of-service attacks against specific transactions or addresses. A fork/double-spend attack is one where the attacker causes previously confirmed blocks to be invalidated by forking below them and re-converging on an alternate chain. With sufficient power, an attacker can invalidate six or more blocks in a row, causing transactions that were considered immutable (six confirmations) to be invalidated.

Note that a doublespend can only be done on the attacker’s own transactions, for which the attacker can produce a valid signature.

Double-spending one’s own transactions is profitable if by invalidating a transaction the attacker can get a nonreversible exchange payment or product without paying for it.



Let’s examine a practical example of a 51% attack.

Bob, the cafe owner, is willing to accept payment for cups of coffee without waiting for confirmation (mining in a block), because the risk of a double-spend on a cup of coffee is low in comparison to the convenience of rapid customer service.
A double-spend attack can happen in two ways: either before a transaction is confirmed, or if the attacker takes advantage of a blockchain fork to undo several blocks. A 51% attack allows attackers to double-spend their own transactions in the new chain, thus undoing the corresponding transaction in the old chain.


In addition to a double-spend attack, the other scenario for a consensus attack is to deny service to specific bitcoin participants (specific bitcoin addresses). An attacker with a majority of the mining power can simply ignore specific transactions. If they are included in a block mined by another miner, the attacker can deliberately fork and re-mine that block, again excluding the specific transactions. This type of attack can result in a sustained denial of service against a specific address or set of addresses for as long as the attacker controls the majority of the mining power.


The massive increase of total hashing power has arguably made bitcoin impervious to attacks by a single miner. There is no possible way for a solo miner to control more than a small percentage of the total mining power. However, the centralization of control caused by mining pools has introduced the risk of for-profit attacks by a mining pool operator.


When examining this ‘Proof of Work’ algorithm (the mining algorithm), it tells to us that more active hashing/computational power leads to more security against a 51% attack.

Smaller blockchains that operate on this algorithm though, like a small altcoin, may be significantly more vulnerable to such attacks considering there is not way as much computational power for the attacker to compete with. This is why 51% attacks usually occur on small blockchains (Bitcoin Gold for example) if they occur at all. The Bitcoin blockchain has never been victim of a 51% attack before.

The integrity of a PoW cryptocurrency depends on the distributed nature of its network. It is considered decentralized when no miner or mining pool possesses more than 50% of the network hash rate.




Now let’s analyze the cases of the main currencies that suffered 51% attack




An attack was performed (april 2018) on the Verge (XVG) blockchain. In this specific case, the attacker found a bug in the code of the verge blockchain protocol that allowed him to produce new blocks at an extremely fast pace, enabling him to create a longer version of the Verge blockchain in a short period of time, that resulted in 250,000 XVG being stolen by hackers. Verge responded by hard-forking their blockchain.

However, the 51% attack was repeated when hackers added a second algorithm to exploit the same vulnerability previously used by the attackers.

The attack appears to have been carried out between blocks 2155850 and 2206272, enabling the attacker to abscond with approximately 35 million XVG (worth $ 1.75 million at the exchange rate for that period) in just a few hours.


The Verge protocol uses a rotation of five mining algorithms, and an image suggests that the attacker gained control of two of them “scrypt and lyra2re” mined them at virtually no difficulty, and used false timestamps to trick the network into accepting them into the main chain.

Source: ocminer/BitcoinTalk


A complete review was done by a user on bitcointalk, in which he shows the blocks and the addresses indicted, I leave the link:


It is interesting to note that on April 4 2018, when it was involved in the 51% attack, XVG was affected only for 1 day in terms of value of listing, even after it had a rapid growth of about 100%

From the height of 17 April 2018 to today 25/01/2019 XVG is under 1611%




In a detailed blog post, Coinbase security engineer Mark Nesbitt revealed that Vertcoin’s network went through repeated 51% attacks, with the largest reorganization having a length of 310 blocks and a depth of 307 blocks which, according to the specialist, may have caused double spends upwards of $100,000.
Vertcoin’s mining algorithm is deliberately geared against ASIC and ASIC-like devices by making them particularly inefficient. Instead, mining on the network is designed to be achieved solely through commonly available graphics cards. This is supposedly an attempt to hedge against mining centralization.


The company’s response via a blog post:



Ethereum Classic ETC

On January 5, 2019, Ethereum Classic (ETC) fell victim to a 51% attack. At first, the attack went unnoticed for over 24 hours until Coinbase’s engineers noticed that 88,500 ETC (roughly $450,000) were falsely deposited on the OkEX crypto exchange.

If we look at data, on January 8th Ethereum Classic had just 8.8 terrahash. If we compare that to Bitcoin, we’ll see the huge difference with over 39 million terrahash. If we look at these numbers, we can clearly see why Ethereum Classic would be an easier target than Bitcoin or Ethereum.


The ETC team stresses that they believe everything is fine. However, in a follow-up tweet they asked mining pools and exchanges to require as many as 400 confirmations:

The recent 51% attack against Ethereum Classic blockchain, shook the cryptocurrency community and the hacker or the organization behind the act has now returned 100k USD worth in tokens.
The hacker has not provided any information about the reason behind this change of heart and returning the money in ETC to the firm’s account, reported Exchange, an official blog of the cryptocurrency on January 10.

“On Jan.10, we found that the recent ETC 51% attacker returned 100k USD value of ETC back to
We were trying to contact the attacker, but we haven’t got any reply until now.
We still don’t know the reason. If the attacker didn’t run it for profit, he might be a white hacker who wanted to remind people the risks in blockchain consensus and hashing power security”.





Other Coins (Aurum, BTG, Mona, ZenCash)



Aurum coin

“Aurum coin (AU) network was hacked (51 percent attack), a total of 15,752.26 AU is missing from Cryptopia’s wallet ( exchange). Aurum coin network is not the responsibility of anyone, same as Bitcoin network, it is open source distributed cryptocurrency. What’s worse is that cryptopia exchange do not admit it. This is not the way to solve this problem.” 

To be crystal clear, that is absolutely not correct. Cryptopia was not hacked. AurumCoin itself was hacked.

This is exactly why it’s so important to know what exactly you’re buying and whether it’s at risk of a 51% attack.

Cryptopia de-lists a lot of coins as a natural consequence of listing so many. AurumCoin might simply have slipped the net:




A bitcoin gold address implicated in the attack has received more than 388,200 BTG since May 16 (mostly from transactions it sent to itself). Assuming all of those transactions were associated with the double spend exploit, the attacker could have stolen as much as $18.6 million worth of funds from exchanges

BTG attack:




Between 13-15 may 2018, Monacoin, a cryptocurrency developed in Japan, appears to have suffered from a network attack that caused roughly $90,000 in damages.

The attack appears to have been a selfish mining attack, where one miner successfully mines a block on the blockchain but does not broadcast the new block to other miners. If the secret miner can then find a second block before the rest of the miners find any new blocks, then the secret miner has now effectively created a branch in the chain that is longer than the chain everyone else is working on.

51% attack on Monacoin:




ZenCash target of 51% attack; loses more than $500K in double spend trasnsactions.

The Zen team immediately executed mitigation procedures to significantly increase the difficulty of future attacks on the network.

ZenCash Statement:




The importance of a secure and decentralized cryptocurrency.

To better understand how many Altcoins there are in circulation that could be predisposed to a 51% attack, a very useful site is:

A list of coins on the site


Looking at the site you can see yourself that on some Altcoin, with less than $ 10 per hour, you could easily make an attack.

For a coin called Cream, for example, 5.289.707% of NiceHash is available!

While observing well-known crypto like Metaverse or Bitcoin Private:


You see that even in coins with daily volumes above one million, they are easily attackable.


Indeed ETC, which covers the top 20 positions of the market cap, has an hourly cost for the attack of “only” 4000 $


As already mentioned at 51% attack the crypto with POW protocol are vulnerable, to reduce the risk of attacks there are several solutions:

  • PoS
  • Coins built on top of other networks (ERC20)
  • Interchain linking



After reading this article I hope you have understood the importance of fully evaluating each project, and that no matter how famous, or how many people sell / buy that asset.

By checking the crypto51 site and the coins you have in your wallets, have you found that you are holding vulnerable coins?
If the answer is yes, do you feel safe to keep them?



In conclusion:

It is not the blockchain that is vulnerable, but the crypto and the team that works on them.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.