Over the past few months, 51% attacks have been on the rise against cryptocurrencies whose blockchains support the PoW (Proof of Work) consensus algorithm. The first major cryptocurrency afflicted was the anonymous Verge, which has sustained at least two attacks since April this year. Further, in May, the cybercriminals managed to initiate a double spend attack with the Bitcoin Gold cryptocurrency and spent up to $18 million in duplicated coins. The MonaCoin cryptocurrency blockchain also suffered from a 51% attack. Experts have suggested that a certain group of scammers is methodically capturing the hash rates of PoW networks and the crypto market should not expect the attacks to cease anywhere in the near future.

How Does a 51% Attack Take Place?

The threat of centralization of computing power, known as a 51% attack, is considered to be one of the key vulnerabilities of the PoW consensus algorithm. This happens when the attacking party consisting of a comparatively small number of miners has the "control package" of the hash rate of the computing power of the network.

The reason for this vulnerability is the fact that the miners can simultaneously offer the network the correct hash solutions that allow them to confirm the integrity of the data and add new blocks to the network. In this case, a fork takes place in the blockchain. The PoW consensus algorithm assumes that the other miners recognize the correct branch that has the most blocks and will vote for including such a branch in the blockchain system.

Thus, if the miner or the pool of miners controls more than half of the hash rate, then they have the opportunity to add their branches and thereby manipulate two-way transactions and not confirm any new transactions. Also, a 51% attack can lead to a situation in which unscrupulous miners can use the same coin several times, recalling transactions with it, which is called double spending, or a double spend attack. At the same time, the attacking side cannot change information in already added blocks and generate new cryptocurrencies.

How Much Does a 51% Attack Cost?

In light of increasing attacks, a website known as Crypto51.app appeared at the end of May, which calculates the cost of an hour of a 51% attack on the cryptocurrencies of PoW networks. According to an unknown crypto enthusiast who launched this resource, he was seeking to draw the attention of the crypto community to the impending threat from unscrupulous miners.

According to the site, if one hour of attack on the blockchains of such popular cryptocurrencies as Bitcoin or Ether costs $538,042 and $390,477 respectively, then an attack on smaller networks will cost the attackers much less. For example, in order to get most of the Ethereum Classic hash rate, they will need $2,216, $447 for Ubiq, and an attack on Mooncoin's blockchain will cost only $7. These amounts, however, do not take into account the reward of the miners for the addition of new blocks, which can reduce the costs of the attacking side by up to 80%.

Attacks on Verge, Bitcoin Gold, Monacoin, and Electroneum

The first major 51% attack occurred in April 2018, when for several hours the miners of the anonymous Verge cryptocurrency network were able to receive about 250,000 XVG coins worth about $1.8 million. This case became a kind of precedent, as this attack was made possible by a bug in the code, and not because of the capture of computing power by intruders.

On April 4, ocminer, a Bitcointalk forum user, reported that there was a bug in the network code that allowed hackers to add new blocks to the network every second, instead of the prescribed 30 seconds. This happened because Verge's blockchain system supports five consensus algorithms simultaneously, which must change with each new block. The attackers sent blocks of the Scrypt algorithm with a false timestamp and the network accepted such a block, thinking that the last time the block of the Scrypt algorithm was added an hour ago. The attack lasted three hours, during which 99% of the blocks of other miners were not accepted, and the attacker managed to get about 250,000 XVG coins.

As a result, the Verge team carried out a hard fork of the network, which was supposed to eliminate the bug, but it did not help. About a month later, the network was once again subjected to a 51% attack. The second precedent occurred on May 22, and the same ocminer Bitcointalk user reported it:

"Since no major changes were made to the network since the last attack (only a temporary solution), this time the attackers were able to use two algorithms instead of one to fork the network to get their own profits and earn millions."

As a result, the miners managed to steal about $1.7 million worth of XVG. A third attack came on May 27, when the CHIEF56 user of the Bitcointalk forum noticed that "strange transactions" with incorrect timestamps were taking place in the Verge network, which could signal a double spend threat. On May 29, the user ocminer also confirmed that an attack was committed on the network. Not all users agree with this assumption, however. In their opinion, since the activity of the Verge network did not show a decrease in the complexity of any of the five mining algorithms during that period, and there were no leaps in the speed of creating new blocks, then there were no attacks on the network as of May 22.

Bitcoin Gold

While attacks on Verge led to a loss of $3.5 million, the damage inflicted on Bitcoin Gold as a result of the attack is estimated at $18 million. Director of Bitcoin Gold Communications Edward Iskra reported about the attack on May 18 in his blog.

According to Iskra, on May 16, an unknown hacker managed to seize most of the network's hash rates and gain control over transactions in the blockchain. This allowed the attacker to double spend the cryptocurrency, transferring coins to various crypto exchanges and immediately canceling transactions, and also transferring the same coins to his wallet. The attack lasted for three days from May 16 to May 18, and the hacker managed to accumulate about 388,000 BTGs worth $18 million at the rate of that time.

While Bitcoin Gold developers are working to resolve the problem, exchanges are recommended to increase the number of confirmations to 50 blocks required to transfer BTG to a client's account.

MonaCoin

Another cryptocurrency that suffered from the actions of an unscrupulous miner in May was the Japanese MonaCoin. According to CCN, the 51% attack lasted from May 13 to 15. As a result, the unknown miner managed to get $90,000 due to a vulnerability in the blockchain of the cryptocurrency. This became possible since the MonaCoin network provides for relatively rapid identification of new blocks.

In a very short time, a single miner was able to find not one, but two blocks at once. He left the identified blocks in secret, however. This created a fork in the blockchain and allowed the miner to subsequently publish his own, longer chain of blocks, that the other members of the network voted in favor for, thus recognizing it as the only true one. Thus, one miner received control over the MonaCoin network, and all the blocks that were found before the publication of the secret chain were found to be invalid. This allowed one of the miners to control the confirmation of transactions in the network, as well as conduct double spends with the MonaCoin cryptocurrency.