Insights > Blog

How Blockchain Can Be Hacked: The 51% Rule and More

The infamous criminal Willie Sutton was once asked why he robbed banks, and his response was “because that’s where the money is.” Blockchain technology and the related cryptocurrency revolution of recent years have garnered widespread attention. This attention has attracted people looking to steal money. Thieves steal money in blockchain by exploiting every detail of the design, implementation and execution of these networks.

Blockchains are distributed records (chains) of transactions (blocks). Members of the network are incentived to validate, record and announce the records. If these transactions are focused on currencies, then they are called cryptocurrencies. Examples of these currencies include Bitcoin, Litecoin and Ethereum. Each transaction validation yields the person validating a bit of the currency.

51% Attacks

On the surface, blockchain seems to be a solid and transparent system immune to fraud or deception. In reality, MIT reports that hackers have stolen nearly $2 billion worth of cryptocurrency since 2017. The methods for the thievery varies, but a technique that points to a theoretically weakness in blockchain is know as a “51% Attack.”

51% Rule for Blockchain

The 51% Rule refers to a situation where an entity controls more than 51% of the computing (hashing) power within a blockchain network. The entity then creates fraudulent, yet personally validated transactions records. These records might not include previous payments leading to a double payment. Other modifications to records that are beneficial result for the perpetrator can also occur.

The protocol of a blockchain system validates the record with the longest transactional history. If the attacker has more than 50% of the processing power, they will have the longest transactional history. This means that their incorrect blocks will be the valid ones. Smaller networks are especially vulnerable to a 51% Attack.  If trust is lost in a network, then the currency might crash.

Smart Contracts

A multi-university report says Smart Contracts can be vulnerable. Smart Contracts are used to assure transparent and secure interactions in the blockchain. They run a program that executes items related to contract agreements. For example, there might be an if then statement that releases to another person money if a form is signed. The exchange is controlled by a set automated process. The contracts are integrated into the blockchain to ensure transparency.

However, even Smart Contracts are vulnerable. Bugs can exist in the code, either intentionally or inadvertently.  The errors cause incorrect actions to occur in the contract. These errors have led to over $70 million in loses in recent years. There is no accurate tools available for testing and detecting these vulnerabilities.

No system is perfect. Knowing the fallible nature of technology frameworks can give users the insight to look out for errors and be vigilant. 

Did you enjoy this blog article? Comment below with your feedback.


  1. Shubham Pal

    I loved the content and it cleared my all confusion.

  2. Kelly Moan

    Interesting what they don’t say when you invest in crypto.

  3. kennymo

    the blockchain is only as secure as the math formulas which lock out thieves. this article does cover the basics clearly to both the beginner and the advance students, excellent illustrations,

  4. Mark

    A 51% Attack is just a good-old fashioned pump and dump.

    • Nathan Mills

      No. A 51% attack includes theft and requires massive investment in order to overried the valdation mining pools. It’s barely similar.

  5. Chan Kah Wai

    Every vulnerability will be exploited.


Submit a Comment

Your email address will not be published. Required fields are marked *


Information Security Maturity Self-Assessment Survey

Learn More

•  Whitepapers
•  E-books
•  Checklists
•  Self-Assessments
•  Webcasts
•  Infographics