Both proof-of-work and proof-of-stake-based cryptocurrency networks are susceptible to what is called a 51% attack. Basically, a 51% attack is when a miner takes control of 51% of a proof-of-work network's computing power or when a staker takes control of 51% of a proof-of-stake network's coins. In both cases, the ultimate goal is to be able to spend a large number of the network's coins twice (double-spend them) in order to pocket as large an amount of them as possible.
Overall, this sort of attack is usually considered to be the greatest threat to any blockchain network's security.
How does a 51% Attack become possible?
The process to carry out a 51% attack varies based on whether the network involved is proof-of-work or proof-of-stake-based, as mentioned above.
If, for example, an attacker wants to target Bitcoin, they would have to purchase 51% or more of its total computing power, which is also called "hash power." If, however, an attacker wants to take control of a proof-of-stake-based network, then they need to buy 51% or more of its available coins.
In both cases, making a 51% attack happen carries a hefty cost, but attacking a proof-of-work network is generally harder because it requires the attacker to purchase specialized hardware to become a miner if they aren’t already.
How much does a 51% Attack cost?
The cost of a 51% attack depends on the strength of the network that's targeted. That means that based on hash power, Bitcoin is the most secure in this respect, while many Altcoins would be much easier to hack.
According to experts, that means that the cost of carrying out a successful 51% attack on Bitcoin would amount to about $724 million in costs for just 1 hour of control. By contrast, some much smaller networks can reportedly be attacked for as low as $15. In the case of proof-of-work networks, this is because Altcoins have far fewer miners than Bitcoin does and, therefore, weaker overall security.
With proof-of-stake networks, on the other hand, a 51% attack can be carried out simply by buying more than 51% of a network's available coins. This theoretically makes them more susceptible to such an event since they don't have the added requirement of specialized hardware, which takes time to build.
What happens during a 51% attack?
During a 51% attack, a malicious miner begins with transactions from Bitcoin's pool(the Mempool), which is where all transactions go until they're placed into blocks. They then begin to group transactions into a block by solving the hash function(the proof-of-work problem). Since the attacker has more than 51% of the network's hash power, they have the greatest chance of being the first to garner the block reward.
Once that occurs, they hide their success from other miners instead of allowing them to confirm it, which results in two versions of the Bitcoin blockchain, one which contains the attacker and the other which contains all other working miners.
From here, the attacker works to take as many blocks from Bitcoin's Mempool as they can before other miners discover them. Since the theoretical cost of 51% attacking Bitcoin is over $724,000, they'd have to mine far more than two blocks to make up for the cost of buying their mining hardware(mining computers).
This is where double spending comes in. While 51% of attacker's working on mining blocks, they're also working to reverse as many transactions as possible and re-route them. This is possible because even though two versions of the Bitcoin blockchain exist, both have access to all of the Bitcoin transactions that come through. The more of the Bitcoin network's hash power an attacker controls, the more funds they can theoretically steal by sending them to their own wallet before they're caught.
During a 51% attack on a proof-of-stake network, the process and its results are largely the same, except that the enterprising attacker only needs to pay for 51% or more of a network's coins, then begin validating blocks alone.
How can a 51% Attack be Stopped?
First and foremost, the more hash power a cryptocurrency network has, the less likely it is that a successful 51% attack will ever be carried out on it. Bitcoin is the prime example of this, having never been 51% attacked, since it's simply so expensive to do so, in time and in cost.
If a 51% attack is, however, ongoing on a cryptocurrency network, then the ideal way to stop it is for miners or validators to band together to work against the attacker and even bring more mining rigs/stake to their cause if necessary. In the case of proof-of-stake networks, since they don't have the added requirement of mining hardware, most of them have developed alternative security measures to protect them from 51% attacks.
Chief amongst these is the ability of users to delegate their stake to someone who validates blocks on their behalf and pull that stake if that validator acts against the network, causing them to lose their status.
Has any network ever been successfully 51% attacked?
In short, yes. Several Altcoin networks have been 51% attacked and have lost significant funds as a result, further illustrating the importance of achieving as much hash power or as many added protections for validators, as possible.