If more than 2/3 of validators are malicious, there’s not much hope. Expect maybe for minority to fork out.
We’re currently working on #200 which is suppose to help address the case where 1/3+ of validators are malicious. “We need to boot into a “recovery mode” protocol so validators can publish evidence, find out who shit the bed, kick them out and restart”. You can read more on proof of fork accountability here