Employing crypto-mining malware is among the most favored methods of crypto-jackers in infiltrating a system and stealing cryptocurrencies. But there’s another one that’s also feared: the 51 percent attack.
In a nutshell, this method of infiltration requires the attacker to take control of a network’s hashing power exceeding 50 percent. If an attacker manages this, they will be able to inhibit new transactions from requiring authentication, allowing the cessation of payments between some, or even all, users. This will also allow the hackers to double-spend coins by reversing completed transactions during the time they are in control of the network.
Double-spending is unique in the cryptocurrency market. It is the act of completing a transaction and reversing it, essentially creating a duplicate of the coin that was supposedly spent.
So why does this kind of attack not happen on a regular basis? The problem with this approach is that it is ridiculously difficult to gain a 51 percent control of a network’s hashing power since the cost of launching an attack is higher than the value of any gains from it. Some would argue that the amount of hashing power will be better off being used in mining cryptocurrencies instead.
A 51 percent attack is so rare that some experts argue that those operating in cryptocurrency who have a longer ledger of transactions will be immune to it, which makes sense since the bigger the block, the more hashing power it will take to change the prime transaction. However, it seems that this isn’t the case anymore, according to Coindesk.
Joseph Bonneau, an NYU computer science researcher, released a report last year that lowered the cost of a 51 percent attack by simply renting hashing power, rather than going out and buying the equipment needed. He concluded in his research that the 51 percent attack will grow over time.
Now, that prediction is starting to take shape. In the last month alone, there were at least five reported cryptocurrencies that were hit using a 51 percent method. With each hit, the attackers were able to take control of the small networks, tamper with their transactions and bag hundreds of thousands of dollars.
Cornell professor Emin Gün Sirer said in a tweet that digital coins that take less than $1 million to attack are the ones that are at risk and those who have savings on them better think fast before they get in a hacker’s cross hairs. There’s even a website that calculates how much it will cost to attack cryptocurrencies today, from the popular Bitcoin and Ethereum to the obscure CryCash and Linx.