The bitcoin wiki explains what an attacker with 51% of the network can do:
An attacker that controls more than 50% of the network’s computing power can, for the time that he is in control, exclude and modify the ordering of transactions. This allows him to:
- Reverse transactions that he sends while he’s in control. This has the potential to double-spend transactions that previously had already been seen in the block chain.
- Prevent some or all transactions from gaining any confirmations
- Prevent some or all other miners from mining any valid blocks
The attacker can’t:
- Reverse other people’s transactions
- Prevent transactions from being sent at all (they’ll show as 0/unconfirmed)
- Change the number of coins generated per block
- Create coins out of thin air
- Send coins that never belonged to him
So let’s take the worst case scenario and assume that GHash can and will act maliciously (I’ll explain why this is unlikely shortly). If this is the case they can basically slow / corrupt the network for the peroid of time where they’re in control. They can refuse to process certain transactions, or even reverse their own. They cannot steal other peoples bitcoins, private keys are safe in the face of a 51% attack.
Now let’s talk about why GHash won’t act maliciously, it simply does not align with their incentives. GHash, and every pool for that matter, makes money from bitcoin. It is in their own best interests to keep the value of bitcoin high. By acting maliciously they would cause people, and the media, to loose faith in bitcoin thus devaluing it. You can go on freaking out about GHash, but it’s really a non-issue.
Edit: Gavin Andresen agrees.