Litecoin suffered a deep chain reorganization on Saturday after attackers exploited a zero-day bug tied to its MimbleWimble Extension Block privacy layer, according to the Litecoin Foundation.
Summary
- Litecoin reversed 13 blocks after attackers exploited a zero-day bug in its MWEB privacy layer.
- Attackers used the fork window to attempt double-spends against several cross-chain swap protocols.
- The Litecoin Foundation said the bug has been patched, while some venues reported losses.
The Foundation said the bug allowed older mining nodes to accept an invalid MWEB transaction. This created a fork that lasted more than three hours before the network restored the main chain.
Invalid transactions erased from chain history
The incident affected blocks 3,095,930 to 3,095,943, according to Aurora Labs CEO Alex Shevchenko. He described the event as a “coordinated attack” in a post on X.
A 13-block reorganization removed the invalid transactions from Litecoin’s main history. The Foundation said valid transactions made during that period remained unaffected.
Moreover, attackers used the fork window to attempt double-spend transactions against cross-chain swap protocols. These platforms had accepted MWEB peg-outs that later became invalid after the reorganization.
Shevchenko said, “The exposure for NEAR Intents is around $600k.” He also warned trading venues to review Litecoin transactions and balances, adding, “We see a lot of double spend transactions.”
Foundation says bug is patched
The Litecoin Foundation said the zero-day bug has now been fully patched. It did not name the affected mining pools or disclose how much LTC the invalid transactions attempted to create.
The attack marks the first known major exploit targeting MWEB since Litecoin activated the privacy feature in May 2022. LTC traded near $56 after the disclosure, down about 1% on the day.
