August 12, 2025
Bottom Line: Monero, the premier privacy cryptocurrency, has faced its first major 51% attack from Qubic, a blockchain project led by IOTA co-founder Sergey Ivancheglo. This economic assault represents a paradigm shift in crypto attacks—moving from technical exploits to financial incentives—and has sparked urgent questions about the future of decentralized networks and privacy-focused cryptocurrencies.
The Attack Unfolds
In what security experts are calling a successful 51% attack, Qubic mining pool has achieved majority control over Monero’s hashrate, causing a six-block deep chain reorganization that replaced 60 previously valid blocks. Blockchain security firm SlowMist confirmed that this unprecedented move has already resulted in a major chain reorganization, allowing Qubic to alter blockchain history at will.
The attack culminated on August 12, 2025, when Qubic’s hashrate peaked at 4.99 GH/s, representing over 51% of Monero’s total network power. Industry experts estimate that sustaining such an attack costs around $75 million per day, yet the economic model underlying Qubic’s strategy makes this financially viable through its innovative token economics.
The Architect Behind the Attack
Sergey Ivancheglo, known in crypto circles as “Come-from-Beyond” and co-founder of IOTA, has openly admitted that his Qubic network was staging a takeover of the Monero network. In social media posts, he stated that after gaining control of most of the network’s hashrate, Qubic would reject blocks mined by other pools, effectively centralizing the network into a single pool.
Ivancheglo framed this as an “economic demonstration” rather than a malicious attack, claiming he was trying to find a countermeasure to the very attack he was orchestrating. He described the move as important to the cryptocurrency industry “because one day we all may face a non-benevolent attack”.
The Economic Warfare Model
Unlike traditional 51% attacks that rely on raw computational power, Qubic employed what experts are calling “economic warfare.” The project’s “useful proof-of-work” (uPoW) model converts Monero mining rewards into USDT to buy and burn QUBIC tokens, with its share of the network rising from under 2% in May to over 25% by late July.
By paying miners in QUBIC tokens instead of XMR, the pool creates a self-reinforcing cycle: miners flock to Qubic for higher profits, increasing its hashrate share. This “economic warfare” exploits Monero’s fixed 0.6 XMR block reward and low fees, making it cheaper to attack than Bitcoin or Ethereum.
The daily cost to dominate Monero is estimated at just $7,000–$10,000 above Monero’s $130,000 security spend—a shockingly low barrier for a $6 billion cryptocurrency.
Timeline of the Attack
May 2025: Qubic’s share of Monero’s hashrate was under 2%
June 30, 2025: Qubic publicly revealed it had begun incentivizing Monero CPU mining, with mined XMR used to fund buybacks and token burns for the Qubic ecosystem
July 2025: Qubic’s hashrate surged to over 27%, briefly making it the top Monero mining pool
July 30, 2025: Qubic stopped reporting its hashrate data publicly, making it harder to assess the danger it posed to the network
August 2-12, 2025: The planned “takeover test” period, culminating in the successful 51% attack
Community Resistance and DDoS Allegations
The Monero community didn’t sit idle. After the community noticed the pool appeared to be openly performing a network takeover, Qubic’s hashrate plummeted from the top spot to seventh place among Monero mining pools.
On August 3, Ivancheglo claimed that the Qubic mining pool was under a DDoS attack, causing hashrate to fall from 2.6 GH/s to 0.8 GH/s. He alleged that Sergei Chernykh, lead developer of the popular XMRig Monero mining software, had “orchestrated the attacks,” though Chernykh denied involvement, calling the accusation defamatory.
The community response included actively promoting decentralized mining solutions like P2Pool to counter Qubic’s growing influence. These community actions successfully diminished Qubic’s observed network share to just 13% at one point.
Understanding Monero’s Privacy Arsenal
To fully grasp the implications of this attack, it’s crucial to understand what makes Monero unique in the cryptocurrency landscape. Monero employs a sophisticated three-layered privacy system that has made it the gold standard for anonymous transactions.
Ring Signatures: Hiding the Sender
Ring signatures allow the true sender of a message to combine their signature with multiple other signers to create a unified digital signature representing a group rather than a single identity. Currently, Monero enforces a mandatory ring size of 11, meaning each transaction mixes the sender’s output with 10 others, making it statistically impossible to determine which output is being spent.
Ring signatures provide “untraceability,” meaning the source of funds in a transaction cannot be determined, even by exchanges that previously sent you the funds. This ensures true fungibility—there’s no such thing as “tainted” Monero.
Stealth Addresses: Protecting Recipients
Stealth addresses require the sender to create random one-time addresses for every transaction on behalf of the recipient. While the recipient can publish just one address, all incoming payments go to unique addresses on the blockchain where they cannot be linked back to the recipient’s published address.
Unlike ring signatures, stealth addresses are not susceptible to heuristics and rely on tried-and-true elliptic curve cryptography—the backbone of modern internet security. Breaking stealth addresses would require breaking the fundamental cryptography that secures the entire internet.
RingCT: Concealing Transaction Amounts
Ring Confidential Transactions (RingCT) hide transaction amounts, closing the last gap in Monero’s privacy model. Activated on Monero’s mainnet in January 2017, RingCT was a significant technical milestone that represented a major divergence from Monero’s CryptoNote origins.
RingCT hides amounts inside each Monero transaction, unlike Bitcoin where outputs are clear, ensuring outsiders cannot tell how much Monero passes between accounts.
Bulletproofs: Efficiency and Scale
Bulletproofs dramatically decrease transaction sizes while maintaining privacy through sophisticated zero-knowledge proofs. This technology aggregates all range proofs of a Confidential Transaction and collectively proves their validity without revealing the actual amounts.
RandomX: ASIC-Resistant Mining
Monero employs RandomX, a CPU-friendly proof-of-work mining algorithm designed to resist ASIC mining and favor decentralized mining by ordinary hardware. This algorithm was specifically designed to be resistant against application-specific integrated circuit (ASIC) mining, promoting broader participation in network security.
The Implications of Economic Attacks
This attack represents a fundamental shift in how cryptocurrency networks can be compromised. Dan Dadybayo, a researcher at Unstoppable Wallet, noted that this is “no longer about exploits. It’s about capital”.
The attack underscores a broader shift in cryptocurrency conflicts, moving from technical exploits to economic and social engineering. Traditional security models assume rational economic actors, but Qubic’s cross-subsidization through token economics breaks these assumptions.
Potential Consequences
With majority control, Qubic could orphan blocks, reject transactions, delay confirmations, suppress competition, and force protocol changes. Ivancheglo already suggested that Monero users should anticipate orphaned blocks and only accept transactions after 13 confirmations.
The attack also threatens Monero’s reputation as an uncensorable currency. Even if a double-spend attack doesn’t occur, real users can lose confidence in the blockchain, and a reputational collapse is just as devastating as a technical one.
Market Impact and Price Response
The attack triggered a 13% price drop in XMR, with Monero falling 6.65% in 24 hours to compound a 16% decline over the past week. Amid the turmoil, Monero’s price fell by around 8.6% to $248.
Interestingly, QUBIC’s price skyrocketed 50% during July 2025 but remains below its March 2024 all-time high, suggesting traders see Qubic’s move as more hype than substance.
Defensive Measures and Community Response
The Monero community has implemented several countermeasures:
- P2Pool Migration: Community members urged miners to redirect hashrate to P2Pool, a decentralized mining pool that allows miners to collaborate without relying on a central server2. Increased Confirmations: Discussions on Reddit emphasized the need for exchanges to enforce higher confirmation requirements3. Protocol Considerations: Some community members advocate for a hard fork to adjust the RandomX algorithm, though such changes must carefully preserve Monero’s commitment to privacy and accessibility
Lessons for the Broader Crypto Ecosystem
This attack exposes vulnerabilities that extend beyond Monero. Similar attacks have previously hit Ethereum Classic, Bitcoin Gold, and Verge, demonstrating how concentrated hashing power can destabilize entire cryptocurrency networks.
The incident highlights several critical issues:
- Economic Incentive Attacks: Traditional security models may be insufficient against well-funded attackers using cross-subsidization- Mining Centralization: Even “decentralized” networks can be vulnerable to economic manipulation- Proof-of-Work Vulnerabilities: The fundamental assumptions underlying PoW consensus may need reevaluation
What’s Next for Monero?
As of August 12, 2025, Qubic claims to have “completed its attempt to dominate the Monero network”, but the long-term implications remain unclear. The attack serves as both a warning and a test case for how privacy-focused cryptocurrencies can defend against economic warfare.
This incident highlights the resilience of decentralized communities and reinforces broader industry discourse about preparedness against hypothetical 51% attacks targeting Proof-of-Work networks.
The cryptocurrency community must now grapple with a new reality where network security depends not just on cryptographic strength or distributed computing power, but on the economic incentives that drive participation. For Monero, maintaining its position as the leading privacy cryptocurrency will require both technical innovation and community resilience in the face of evolving threats.
As the dust settles from this unprecedented attack, one thing is clear: the era of purely technical cryptocurrency security is over. The future belongs to those who can balance cryptographic excellence with economic resilience—and Monero’s response to this challenge will likely determine its fate as the world’s premier privacy coin.
The Qubic attack on Monero represents a watershed moment in cryptocurrency history, demonstrating that even the most technically sophisticated privacy systems must defend against economic as well as cryptographic threats. As the community rebuilds and strengthens its defenses, the lessons learned will likely influence the design of privacy-focused cryptocurrencies for years to come.