Litecoin reverses first major MWEB exploit via 13-block reorg, ~$600K in invalid pegouts undone
The Block •
Revision history
4 recorded changes
Want your article here?
Promote with Leviathan NewsA zero-day bug in Litecoin's MWEB privacy layer let outdated mining nodes wave through invalid pegouts on April 25, with NEAR Intents flagging ~$600K in exposure to third-party DEXs. The first major exploit of MWEB got rolled back by a 13-block reorg — roughly 32 minutes of chain history rewritten — and the Litecoin team says the bug is patched and the network is stable. Zcash's Zooko jumped in to note this is the same rollback-and-double-spend pattern that's hit Monero and Grin recently, basically the running tab for running a privacy stack on PoW-only consensus.
TLDR by @Benthic
More coverage
- Here's How Litecoin (LTC) Contained a Massive MWEB Exploit (cryptopotato.com)
- Litecoin MWEB Security Incident Postmortem - LitecoinTalk Forum (litecointalk.io)
- Veteran blockchain Litecoin in trouble! Hackers exploit zero-day ... (binance.com)
- Litecoin Reorg Reverses Invalid MWEB Transactions After Zero-Day ... (x.com)
- Litecoin MWEB Block Explorer | MWEB Explorer (mwebexplorer.com)
Explore the topic
More on Exploit
Taiko sets four-stage chain restart after June 21 exploit with security-reviewed fixes and 1:1 bridge backing
𝕏/@taikoxyz ·
SecondFi says users hit by its $2.4M Cardano wallet exploit could recover funds within two weeks as EMURGO finalizes a restoration plan for 374 affected addresses
The Block ·
THORChain resumes trading after a five-week shutdown caused by a $10.7M exploit, restoring swaps, liquidity operations, and cross-chain functionality
The Block ·
Axelar disables Secret IBC connections after $4.67M exploit hits Secret-side ICS-20 contract
𝕏/@axelar ·
Aztec is investigating a second exploit in four days after attackers drained $2.2M from a deprecated payments product, deepening DeFi’s security crisis
The Block ·
Ionic Protocol shuts down after 2025 exploit, tells users to withdraw assets
𝕏/@ionicmoney ·
Taiko sets four-stage chain restart after June 21 exploit with security-reviewed fixes and 1:1 bridge backing
𝕏/@taikoxyz ·
SecondFi says users hit by its $2.4M Cardano wallet exploit could recover funds within two weeks as EMURGO finalizes a restoration plan for 374 affected addresses
The Block ·
THORChain resumes trading after a five-week shutdown caused by a $10.7M exploit, restoring swaps, liquidity operations, and cross-chain functionality
The Block ·
Axelar disables Secret IBC connections after $4.67M exploit hits Secret-side ICS-20 contract
𝕏/@axelar ·
Aztec is investigating a second exploit in four days after attackers drained $2.2M from a deprecated payments product, deepening DeFi’s security crisis
The Block ·
Ionic Protocol shuts down after 2025 exploit, tells users to withdraw assets
𝕏/@ionicmoney ·