What Is a 51% Attack? How Blockchains Are Protected and Why UK Crypto Investors Should Care
A 51% attack can let hackers spend the same cryptocurrency twice and steal millions. Here is how it works, which coins are at risk, and what UK investors should
In May 2018, Bitcoin Gold — a hard fork of Bitcoin — was hit by a 51% attack. The attacker reorganised the blockchain, spent the same coins twice, and walked away with the equivalent of $18 million. The attack did not touch Bitcoin itself. But it exposed a vulnerability that every crypto investor should understand before putting money into smaller blockchain projects. A 51% attack is not theoretical. It happens. It has happened to real networks with real investors losing real money. Understanding how it works changes how you assess risk in the crypto market — and it should.
What a 51% Attack Actually Is
To understand a 51% attack, you need to understand how proof-of-work blockchains reach consensus. In Bitcoin and similar networks, transactions are grouped into blocks and added to the chain by miners — computers solving complex mathematical puzzles. The puzzle solution proves computational work was done. The chain all miners agree on is the longest one — the one with the most accumulated proof of work behind it.
This creates a vulnerability. If a single entity controls more than half — 51% — of the total mining power on a network, they can create an alternative version of the blockchain faster than the rest of the network can extend the honest chain. Because the network always accepts the longest chain, the attacker can replace recent transaction history with their own version. Any transactions that appeared to confirm during the attack can be erased from the record.
It is important to be precise about what a 51% attack can and cannot do. An attacker with majority hash power can reverse their own recent transactions, preventing other miners from confirming new blocks temporarily, and double spend coins. They cannot steal funds from addresses they do not control. They cannot change the total coin supply. They cannot alter transactions that are buried deep enough in the chain to require rewriting thousands of blocks — the computational cost becomes prohibitive.
Double Spending: How the Attack Actually Works
The practical application of a 51% attack is almost always a double spend against a cryptocurrency exchange. The attacker starts by acquiring the target cryptocurrency — say, Ethereum Classic. They deposit a large amount to an exchange, trade it for Bitcoin or withdraw fiat currency, and let those withdrawal transactions confirm normally. At this point the exchange has sent them real money or Bitcoin.
Simultaneously — or having started the private chain earlier — the attacker is secretly mining an alternative version of the blockchain that does not include the original deposit to the exchange. Once they have received their funds, they release their longer private chain to the network. The network switches to the attacker’s chain because it is longer. The deposit to the exchange vanishes from the record. The attacker still has both their original coins and the money the exchange paid out.
The time window for this attack is constrained. Most exchanges require a certain number of block confirmations before releasing funds — typically six for Bitcoin. Attackers must secretly mine enough blocks to eventually outpace the public chain during exactly that window. For Bitcoin itself, the hash rate is so enormous that secretly accumulating more than 51% would require hardware investment in the hundreds of billions of pounds. That is not practical. For smaller chains sharing the same mining algorithm, it is a different story entirely.
Real Attacks: When 51% Has Succeeded
Bitcoin Gold was attacked multiple times. The first attack in May 2018 cost exchanges around $18 million. A second wave of attacks in January 2020 reorganised over 1,300 blocks — erasing around two days of transaction history — and cost approximately $72,000 in double-spent coins before exchanges responded by requiring 200 or more confirmations.
Ethereum Classic has been attacked at least four times. The January 2019 attack cost Coinbase around $1.1 million and prompted the exchange to temporarily halt ETC trading. More attacks followed in August 2020, reorganising over 3,000 blocks across two separate incidents. Each attack damaged the coin’s reputation and triggered exchange delistings or dramatically higher confirmation requirements.
Vertcoin, a small proof-of-work chain, was attacked in December 2018 with over 300 blocks reorganised, and again in late 2019. The pattern across all these attacks is consistent: smaller proof-of-work chains using mining algorithms also used by much larger chains are the primary targets. The attacker can rent hash power from the larger network temporarily to overwhelm the smaller one.
Which Cryptocurrencies Are Most at Risk
The risk of a 51% attack correlates directly with a chain’s hash rate relative to similar chains using the same mining algorithm. Bitcoin uses SHA-256. Ethereum Classic uses Ethash. If a chain uses the same algorithm as a much larger coin, attackers can rent hash power from the larger network’s miners or from services like Nicehash to attack the smaller chain without owning any dedicated mining hardware.
The website Crypto51.app calculates the hourly cost of attacking proof-of-work chains based on current hash rates and rental prices. When I last checked, attacking Bitcoin would cost over $1 million per hour — completely impractical. Attacking a smaller SHA-256 chain might cost $500 per hour. At those prices, a successful double spend against a compliant exchange could be massively profitable even after rental costs.
Proof-of-work chains with very low hash rates, newly launched, or with declining miner interest are at highest risk. That description fits a significant proportion of altcoins that were launched in the 2017-2021 era and have since seen their mining communities shrink. Many continue to trade on exchanges with confirmation requirements set years ago, when the chain was more secure than it is today.
How Blockchains Defend Against Attacks
The most immediate defensive response from exchanges is to require far more block confirmations before releasing funds. Binance moved from 6 to 200 confirmations for Ethereum Classic after the 2019 attacks, making the attack window long enough that the computational cost exceeds the potential reward. This slows deposits significantly but closes the practical attack vector.
Some chains have implemented protocol-level defences. Ethereum Classic introduced MESS — Modified Exponential Subjective Scoring — after the 2020 attacks. MESS makes chain reorganisations exponentially more expensive the deeper they go by scoring the subjective quality of competing chains, making a massive reorg prohibitively costly even with majority hash power.
Merge mining offers another defence for smaller chains. Bitcoin Cash and Namecoin allow miners to mine both chains simultaneously without extra computational cost, sharing the larger chain’s security. If a small chain can attach itself to a much larger chain’s security budget, the cost of attacking it rises to match the larger chain. Not all chains can implement merge mining without significant protocol changes, but it has proven effective where deployed.
Proof of Stake and the Changed Threat Model
Proof of stake fundamentally changes the 51% attack economics. In a proof-of-stake network, validators put up their own cryptocurrency as a stake rather than competing with hardware. To control 51% of validation power, an attacker must acquire 51% of the staked supply. For Ethereum, with over 33 million ETH staked at current rates, that means buying and staking assets worth well over £100 billion.
The economic attack vector compounds the difficulty. If an attacker accumulates 51% of a proof-of-stake network’s supply to attack it, the attack would likely crash the price of the asset they just spent a hundred billion pounds acquiring. Successful attacks trigger mass selling and protocol emergency responses — slashing, where validators who behave maliciously lose their stake permanently. The attacker destroys their own investment in the process of attacking.
Proof of stake is not theoretically immune to a 51% attack — nothing is. But the economics make it dramatically harder and more expensive than proof of work, where the attacker needs only to rent or own hardware for the duration of the attack. For major proof-of-stake chains like Ethereum, Cardano, and Solana, the 51% attack is an effective non-issue at current market capitalisation. For newer, smaller proof-of-stake chains, the risk is higher — accumulating 51% of a chain worth £10 million requires spending only £5 million.
What Due Diligence Looks Like Before Investing
When evaluating any proof-of-work altcoin, the first check should be the mining algorithm and the relative hash rate. If the coin uses the same algorithm as a much larger chain, and its own hash rate is a small fraction of that chain’s, the cost of attacking it is low. That is a real risk factor that belongs in any investment decision.
Check the exchange confirmation requirements for the coin. An exchange requiring only 6 confirmations for a chain that has been attacked twice is under-protected. The fact that major exchanges have dramatically raised confirmation requirements for Ethereum Classic and similar coins should itself be read as a market signal — those exchanges are telling you the risk is material.
Review the team’s response history to any previous attacks. A chain that was attacked and implemented transparent post-mortems, protocol upgrades, and coordinated exchange responses demonstrates competence and community health. A chain that was attacked and responded slowly, or whose team denied the attack or minimised it, is a warning sign. The ability to respond credibly to a security incident matters as much as preventing the incident in the first place.
What This Means for UK Investors
For UK investors holding Bitcoin or Ethereum, the 51% attack is not a serious concern. Bitcoin’s hash rate makes an attack economically impossible at any realistic scale. Ethereum moved to proof of stake in September 2022, removing the proof-of-work attack surface entirely. The two largest crypto assets are effectively secure from this specific threat.
The risk concentrates in smaller altcoins, particularly older proof-of-work chains with declining miner interest. UK investors who hold or are considering altcoins in this category should check Crypto51.app for the current attack cost, and review the confirmation requirements that major exchanges apply to the coin. Both are public data that take under five minutes to check.
From a UK tax perspective, HMRC treats crypto-to-crypto disposals as taxable events regardless of what happens to the chain during an attack. If an exchange freezes your ETC during an attack investigation, or reverses a transaction as a result of a reorg, the tax implications depend on exactly what disposals you made before the freeze. Keep detailed records of all transactions including timestamps — attack-related chain reorganisations have created reporting complications for UK investors in the past, and HMRC requires accurate records whether the chain agrees with your transaction history or not.
This article is for educational purposes only and does not constitute financial advice. Cryptocurrency investments involve significant risk. Always do your own research.
Stay ahead of the market
Join 4,200+ readers getting weekly crypto, AI, and digital lifestyle insights every Thursday. No spam. Unsubscribe any time.
Partner picks
Build a smarter digital stack
Explore curated AI, automation, wealth, and creator tools selected for practical value, transparent pricing, and clear use cases.
Disclosure: some links may be affiliate links. DigitechLifestyle may earn a commission at no additional cost to you.



