Back

Litecoin Zero-Day Vulnerability Leads to DoS Attack on Mining Pools

Severity: High (Score: 63.1)

Sources: Weex

Summary

Litecoin announced a zero-day vulnerability that resulted in a denial-of-service (DoS) attack impacting major mining pools. The vulnerability allowed unpatched mining nodes to execute an invalid MWEB (MimbleWimble Extension Block) transaction, which facilitated the withdrawal of tokens to a third-party decentralized exchange (DEX). In response, the Litecoin network performed a reorganization of 13 blocks to exclude these invalid transactions from the main chain. All valid transactions during this incident remained unaffected, and the vulnerability has since been fully patched, restoring normal network operations. The incident highlights the importance of timely updates for mining nodes to prevent exploitation. Litecoin's swift action mitigated potential losses and maintained the integrity of valid transactions. The overall impact was contained, with no long-term damage reported to the network. Key Points: • A zero-day vulnerability in Litecoin allowed a DoS attack on mining pools. • Invalid MWEB transactions were executed, leading to token withdrawals to a DEX. • The Litecoin network successfully rolled back affected transactions through a 13-block reorg.

Key Entities

  • DDoS (attack_type)
  • Denial of Service (attack_type)
  • Litecoin (company)
  • weex.com (domain)
  • MimbleWimble Extension Block (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed