Also known as >50% attack or a double spend attack. An attacker can make a payment, wait till the merchant accepts some number of confirmations and provides the service, then starts mining a parallel chain of blocks starting with a block before the transaction. This parallel blockchain then includes another transaction that spends the same outputs on some other address. When the parallel chain becomes more difficult, it is considered a main chain by all nodes and the original transaction becomes invalid. Having more than a half of total hashrate guarantees possibility to overtake chain of any length, hence the name of an attack (strictly speaking, it is "more than 50%", not 51%). Also, even 40% of hashrate allows making a double spend, but the chances are less than 100% and are diminishing exponentially with the number of confirmations that the merchant requires.
This attack is considered theoretical as owning more than 50% of hashrate might be much more expensive than any gain from a double spend. Another variant of an attack is to disrupt the network by mining empty blocks, censoring all transactions. An attack can be mitigated by blacklisting blocks that most of "honest" miners consider abnormal. Under normal conditions, miners and mining pools do not censor blocks and transactions as it may diminish trust in Bitcoin and thus their own investments. 51% attack is also mitigated by using checkpoints that prevent reorganization past the certain block.
The Bitcoin network is essentially a democracy with each miner having one vote. The system is secure if at least 51% if the participants abide by the protocol. If more then 51% of the mining power is concentrated in one miner or group of miners, they could invalidate transactions, create false transactions and change the Bitcoin protocol.
As a result of the rise in mining pools where persons with a small amount of computing power join a pool and receive payment on the percentage of their contribution, the risk of one group assembling 51% or more control is real buy may be tempered by the fact that in this event the integrity in the Bitcoin system and the value of the currency would be compromised, to the financial detriment of the majority miners.
In early 2014, as one mining pool came close to surpassing the 50% threshold, it discouraged others from joining the pool to protect the integrity of the system.
Such a "hostile takeover" of Bitcoin is possible in theory. However many experts doubt it is likely.
A miner or mining pool having majority control with more then 50% of the total computing power devoted to the Bitcoin network could do some damage. The biggest threat is disruption of the system. However they could not abscond with currency or hack investors' accounts.
Another real danger, is that centralized control of over 50% of the bitcoin system would provide a target for government subpoenas and other regulation and control of Bitcoin.
The takeover process would be very expensive. Mining blocks of digital currency requires considerable computing time and energy. In addition, a majority control of the Bitcoin system would have to be sustained for considerable period of time in order to compromise the system.
Although a potential threat with potentially dramatic result, the Bitcoin protocol was designed with the belief that the word-to-reward ratio would likely deter any attempt to compromise the system in this way.
Malone, J.A (2015). Glossary of Bitcoin Terms and Definitions. United States: Lulu Press, Inc