Back

Litecoin Faces Major Exploit: Zero-Day Vulnerability Leads to 13-Block Reorg

Severity: High (Score: 69.8)

Sources: En.Bloomingbit, Mexc.Co, Mexc, Cryptonews, Cybersecuritynews

Summary

On April 25, 2026, Litecoin experienced a significant security incident due to a zero-day vulnerability in its MimbleWimble Extension Block (MWEB) privacy layer. This flaw allowed outdated mining nodes to process invalid transactions, enabling attackers to execute a denial-of-service (DoS) attack and peg out coins to third-party decentralized exchanges (DEXs). In response, the Litecoin network performed a 13-block chain reorganization to reverse these invalid transactions, ensuring that valid transactions remained unaffected. The Litecoin team confirmed that the vulnerability has been fully patched, and the network is now stable. Initial estimates indicated potential losses of around $600,000 for NEAR Intents, but these may be lower due to the rollback of invalid transactions. This incident marks the first major attack on Litecoin's MWEB since its activation in May 2022. The event highlights vulnerabilities in proof-of-work networks that rely on outdated software versions. Key Points: • Litecoin suffered a zero-day vulnerability leading to a denial-of-service attack. • A 13-block chain reorganization was executed to reverse invalid transactions. • The vulnerability has been patched, and the network is operating normally.

Key Entities

  • DDoS (attack_type)
  • Denial-of-Service (attack_type)
  • Denial of Service (attack_type)
  • Zero-day Exploit (attack_type)
  • Aurora Labs (company)
  • Grin (company)
  • Litecoin (company)
  • Litecoin Foundation (company)
  • NEAR Foundation (company)
  • Monero (tool)
  • e-cash.org (domain)
  • T1499 - Endpoint Denial of Service (mitre_attack)
  • Litecoin Core (platform)
  • MWEB (platform)
  • MWEB Protocol (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed