To really understand how this type of attack is performed, you need to have a good understanding of how Blockchains work, such as Bitcoin, and cryptocurrency mining.
In brief, cryptocurrencies such as Bitcoin are often labeled as decentralized. That means there is no central authority to control it. Rather, it uses a peer to peer network to manage a worldwide ledger which contains details of all the transaction details that have ever taken place. The decentralized work of the nodes ensures that the protocol rules are being followed and that all network participants agree on the current state of the blockchain.
When a new transaction is created, it is transmitted across the network to be verified. This process can take up to 10 minutes on average as the verification process is done by multiple individual users on the network.
These users are called miners, and they use powerful computer hardware to continuously search for a hash that matches a given pattern. This pattern identifies a hash that matches what is called a “Block.” Miners are rewarded whenever they find a matching hash. This motivates them to look for new blocks. The reason that it takes up to 10 minutes to verify transactions is that Bitcoin only releases new blocks subject to 10-minute intervals. Since the process of mining involves the investment of huge amounts of electricity and computational resources, a miner’s performance is based on the amount of computational power he has, and this is usually referred to as hashrate.
In simple terms a 51% attack is a malicious act on a blockchain network, where a participant or a group of participants take control of the network by contributing more than 50% of the total hashrate. This would, in effect, give the actor the power to alter certain aspects of the blockchain network’s functionality. In such a scenario, the attacker would have enough mining power to intentionally exclude or modify the ordering of transactions.
In a sense, you can’t really steal someone else’s cryptocurrency through a 51 percent attack. However, you can falsely send your own cryptocurrency to someone else, but then reverse that transaction and end up keeping the crypto. This is why people also refer to a 51 percent attack as a “double spend attack.”
To get an understanding of how severe such an attack can be, consider the case of Bitcoin Gold. It was one of the many instances when cryptocurrencies were double-spent fraudulently. In 2018, a group of attackers launched a 51% attack on Bitcoin Gold. Despite Bitcoin Gold repeatedly trying to increase their exchange thresholds, the attackers were able to continue their double-spending transactions for a few days. It was estimated that $18 million worth of Bitcoin Gold was stolen during this attack.
Changing the block’s reward, creating coins out of thin air or stealing coins that never belonged to the attacker are not possible from such an attack.
An indirect, but a far more serious outcome of a successful 51% attack would be that users will lose their trust in the currency, especially if it happens to Bitcoin. This would not only affect the demand for Bitcoin but also for other cryptocurrencies, as users view Bitcoin as the benchmark. This would also cause miners to lose interest as their rewards begin to decline. This could lead to the network becoming smaller and being less secure.