In August 2020, the Ethereum Classic network was attacked three times by hackers. During the first attack, criminals mined 3,693 extra blocks. A few days later, in the second attack, hackers mined 4,000 extra blocks. In addition to mining the extra blocks, the hackers obtained 807,260 ETCs through a double transaction. A week and a half later, hackers attacked Ethereum Classic for the third time. During the third attack, hackers altered data in 7,000 blocks.
The result of the attacks was the cryptocurrency exchange OKEx's demand to the project's management and Ethereum Classic's developers to improve security - or the exchange will remove ETCs from trading.
In all three cases, hackers used a method called the '51% Attack'.
WHAT IS A '51% ATTACK'
A '51% Attack' refers to an attacker's actions to seize control of transaction validation and generate new blocks, using 51% of the cryptocurrency network's processing power.
An advantage in processing power would allow a hacker to single-handedly control all cryptocurrency blockchain activities: an attacker could slow down the system, stop confirming transactions, stop mining, re-mining, and block honest miners from operating.
The biggest threat to the system is double spending. An attacker creates his own, parallel branch of the blockchain without passing information to the rest of the network. Two versions of the blockchain emerge. The honest miners work with the main branch, unaware of the existence of the second branch.
The attacker spends their funds in the main version of the blockchain but does not include those transactions in their own, isolated branch. In the parallel branch, the digital coins remain in the attacker's account.
In a blockchain, the longest branch is recognised as the true blockchain, with all the miners working on the cryptocurrency network adding their blocks to it. Capturing 51% of the processing power will allow the attacker to build their branch to the required length and the blockchain protocol will accept that branch as correct. In this branch, the spent assets are still in the attacker's account and he can spend them again.
WHICH CRYPTOCURRENCIES ARE SUSCEPTIBLE TO THE 51% ATTACK
The 51% Attack method exploits a blockchain vulnerability in which transactions are confirmed by network participants.
For cryptocurrencies using the 'Proof-of-work' consensus algorithm, an attacker needs to take control of 51% of computing power. Researchers at 51crypto have calculated: to conduct the 51% Attack on Bitcoin, an attacker would have to spend $716,000 per hour (May 2021 data). To attack Dash cryptocurrency, an attacker would only need to spend $3,200 per hour.
Before the Ethereum Classic attacks, cryptoanalysts believed that emerging, young digital currencies that have not gained traction with users were most at risk of a 51% Attack.
The case of Ethereum Classic proved otherwise - attackers are willing to invest in an attack and wait for the right moment.
Before launching one of the attacks on the ETC network, the attackers rented $192,000 worth of processing power through the Nicehash service, and during the attack, the hackers made 11 double debit transactions worth $5.7 million. The attack coincided with the 2Miners pool disconnect from the ETC network - this allowed the hackers to conduct the operation without interference.
The 51% attack on cryptocurrencies using the Proof-of-Stake algorithm is theoretically possible, but not economically viable. Buying 51% of the system's coins is many times the cost of buying computing hardware.
Technically, the 51% Attack is possible on all cryptocurrencies - it all depends on the target the attackers have in mind.
An attack on digital currencies may not have any direct economic benefit, but a successful attack will undermine user confidence, cause a drop in the value of the digital currency, and cause panic on exchanges.
WHAT IS THE DANGER OF THE 51% ATTACK?
Cryptocurrency experts say: the 51% attack does not pose a big threat to users and miners. The only thing ordinary users might face is transaction delays and a decline in the value of digital coins.
This view does not reflect the depth of the full implications for cryptocurrency affected by the 51% Attack.
In May 2018, hackers carried out a 51% Attack on Bitcoin Gold. The hackers withdrew the equivalent of $18 million through the cryptocurrency exchanges Bittrex, Binance, Bitinka, Bithumb and Bitfinex with double spending. To protect against repeated attacks, the development team conducted a hard fork, moving the network to a modified Equihash-BTG algorithm that is not supported by classic ASIC miners.
The Bitcoin Gold network's hard fork did not solve all of the problems the cryptocurrency had after the hackers attacked.
Cryptocurrency exchanges affected by the double debit during the attack have demanded that the Bitcoin Gold team compensate for the lost assets. The Bitcoin Gold team refused: the developers argued that the 51% Attack was a known type of threat, and cryptocurrency exchanges should have taken better care of their security. In response to the rejection, cryptocurrency exchange Bittrex removed Bitcoin Gold from trading, and cryptocurrency exchange OKEx delisted Bitcoin Gold futures.
The cryptocurrency exchange Coinbase refused to support Bitcoin Gold after the hard fork.
Coinbase's decision came as a surprise to one of Bitcoin Gold's coin holders, Darrell Archer.
Before the fork, Archer had 350 BTG in his wallet on the exchange. After the fork, Coinbase refused to return the coins to the owner.
The example of the situation after the Bitcoin Gold attack shows that the consequences of illegal actions affect all market participants - from cryptocurrency developers to ordinary users.
The only reliable defence against the 51% Attack is to make it unprofitable for attackers, to create conditions in which it costs more to maintain 51% processing power than the possible benefit of blockchain disruption and double spending.
Currently, this is done by building a strong network like Bitcoin, by switching to Proof-of-Stake like Ethereum 2.0, or by increasing the wait time for withdrawals, a method used by leading exchanges for cryptocurrencies hit by hackers.