Litecoin Faces 13-Block Reorganization Due to Zero-Day Vulnerability Exploitation

Litecoin Faces 13-Block Reorganization Due to Zero-Day Vulnerability Exploitation

First seen 25 Apr 2026, 23:45 UTC News.BitcoinTheblock.CoMexcMexc.CoEn.Bloomingbit+16 86% similarity 69.8

Article Content

Browse articles
ThreatCluster

On April 25, 2026, Litecoin experienced a significant 13-block chain reorganization after attackers exploited a zero-day vulnerability in its MimbleWimble Extension Block (MWEB) protocol. The vulnerability allowed outdated mining nodes to validate invalid MWEB transactions, enabling attackers to peg out coins to third-party decentralized exchanges. This incident resulted in a denial-of-service (DoS) attack that disrupted major mining pools. The Litecoin Foundation confirmed that all invalid transactions during the exploit were reversed and that valid transactions remained unaffected. The vulnerability was patched with the release of Litecoin Core v0.21.5.4 on the same day as the attack began. Security researchers have raised concerns that the consensus vulnerability had been privately patched weeks before the attack, suggesting a lapse in communication about the necessary updates. The incident highlights vulnerabilities in proof-of-work networks where miners may run outdated software. The network is currently operating normally after the patch.

Key Points: • A zero-day vulnerability in Litecoin's MWEB protocol led to a 13-block reorganization. • Attackers exploited outdated mining nodes to validate fraudulent transactions. • The vulnerability has been patched, and the network is operating normally.

ThreatCluster AI

Timeline

2026-04-25
Attack exploited a zero-day vulnerability in MWEB, causing a DoS.
2026-04-25
Litecoin performed a 13-block reorganization to reverse invalid transactions.
2026-04-25
Litecoin released Core v0.21.5.4 to patch the vulnerabilities.
Recent
Security researchers highlighted the timeline of the vulnerability patch.

Community

Browse all →