Gate News message, April 26 — Litecoin underwent a deep chain reorganization on Saturday afternoon after attackers exploited a zero-day vulnerability in its MimbleWimble Extension Block (MWEB) privacy layer, according to the Litecoin Foundation. The bug allowed mining nodes running older software to validate unauthorized MWEB transactions, enabling attackers to peg coins out of the privacy extension and route them to third-party decentralized exchanges.
The chain reorg ran from block 3,095,930 to 3,095,943 and took more than three hours to complete. During this period, attackers performed double-spend attacks against multiple cross-chain swapping protocols that had accepted the now-orphaned MWEB peg-outs. Aurora Labs CEO Alex Shevchenko characterized it as a “coordinated attack” and noted that NEAR Intents faced approximately $600k in exposure. The Foundation confirmed the vulnerability has been fully patched and the offending transactions have been erased from Litecoin’s history, while valid transactions during the period remain unaffected.
Saturday’s incident marks the first known attack targeting MWEB since Litecoin activated the privacy extension via soft fork in May 2022. LTC traded near $56 on Saturday afternoon, down about 1% on the day and showing no immediate market reaction, though the token is down nearly 25% year-to-date. The incident occurs amid a challenging period for crypto security, with DeFi protocols losing over $750 million to exploits in 2026 through mid-April.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
22-Year-Old Sentenced to 70 Months for $263 Million Crypto Theft Money Laundering
California resident Evan Tangeman, 22, was sentenced on Friday to 70 months in federal prison for his role laundering proceeds from a multi-state cryptocurrency theft ring that stole approximately $263 million in digital assets from victims, according to the U.S. Department of Justice. U.S.
CryptoFrontier1h ago
Address Linked to Avi Eisenberg Shows New On-Chain Activity, Raising Security Concerns
Gate News message, April 26 — Blockchain analytics platform Arkham has identified renewed on-chain activity from an address believed to be connected to Avi Eisenberg, the attacker who profited approximately $110 million from the 2022 Mango Markets exploit. Eisenberg was previously sentenced to
GateNews3h ago
Sui DeFi lending protocol Scallop is hacked, with a vulnerability in the old contract leading to 150k SUI stolen
Scallop was attacked on the Sui chain, and the side contract involved led to the sSUI rewards pool being exploited. Approximately 150k SUI were stolen. The core contract is secure, and deposits and withdrawals have been restored. The official statement applies only to the deprecated rewards contract; users’ funds were not affected. Former NEAR developer Vadim said the vulnerability originated from an outdated V2 package from 17 months ago, where not initializing last_index caused rewards to accumulate starting in 2023. The fix requires adding a version field to the shared object and strengthening version checks to prevent risks caused by outdated packages.
ChainNewsAbmedia4h ago
Scallop Discovers sSUI Reward Pool Vulnerability, Suffers 150K SUI Loss but Pledges Full Reimbursement
Gate News message, April 26 — Scallop, a lending protocol in the Sui ecosystem, announced the discovery of a vulnerability in an auxiliary contract associated with its sSUI reward pool, resulting in a loss of approximately 150,000 SUI. The affected contract has been frozen, and Scallop confirmed
GateNews8h ago
Litecoin Undergoes Deep Chain Reorganization After MWEB Privacy Layer Zero-Day Exploit
Gate News message, April 26 — Litecoin experienced a deep chain reorganization on Saturday (April 26) after attackers exploited a zero-day vulnerability in its MimbleWimble Extension Block (MWEB) privacy layer, according to the Litecoin Foundation. The reorg spanned blocks 3,095,930 to 3,095,943 and
GateNews9h ago
Litecoin Sees First Privacy Layer Hack: MWEB Zero-Day Vulnerability Triggered 13-Block Reorganization
According to The Block, the Litecoin Foundation confirmed that the MWEB privacy layer suffered a zero-day vulnerability. The attacker used older nodes to make forged MWEB transactions appear valid, causing a rollback of 13 blocks on the main chain (about 3 hours), and performing double-spends against cross-chain exchanges; NEAR Intents exposed about $600k, and the mining pool was also hit with a DoS. A patched version has been released—please upgrade immediately. Main-chain balances are not affected, but it highlights the trade-off between reducing observability and increasing detection difficulty for the privacy layer.
ChainNewsAbmedia11h ago
