Litecoin Faces Major Exploit: 13-Block Reorg to Counter Zero-Day Vulnerability

Severity: High (Score: 69.0)

Sources: News.Bitcoin, Theblock.Co, Mexc

Summary

On April 25, 2026, Litecoin experienced a significant chain reorganization due to a zero-day vulnerability in its MimbleWimble Extension Block (MWEB) privacy layer. Attackers exploited this flaw, allowing invalid transactions to be processed by non-updated mining nodes, resulting in a denial-of-service attack against major mining pools. The Litecoin network executed a 13-block reorg, effectively reversing the invalid transactions and preventing their settlement on the main chain. Aurora Labs CEO Alex Shevchenko reported that the exposure for NEAR Intents was approximately $600,000, but the actual losses may be lower since the invalid transactions were erased. The vulnerability has been fully patched, and the network is currently stable. This incident marks the first known attack on MWEB since its activation in May 2022. The Litecoin Foundation has advised trading venues to audit their transactions and holdings due to potential double-spend transactions. The event highlights vulnerabilities in proof-of-work networks that rely on outdated software. Key Points: • Litecoin's MWEB privacy layer was exploited, leading to a 13-block chain reorganization. • The zero-day vulnerability allowed invalid transactions to be processed by outdated mining nodes. • The Litecoin network has patched the vulnerability, and all valid transactions remain unaffected.

Key Entities

• DDoS (attack_type)
• Denial of Service (attack_type)
• Zero-day Exploit (attack_type)
• Aurora Labs (company)
• Grin (company)
• Litecoin (company)
• Litecoin Foundation (company)
• NEAR Intents (company)
• Monero (tool)
• e-cash.org (domain)
• MWEB (platform)