Litecoin Faces DoS Attack, 13-Block Reorg Reverses Transactions
Litecoin suffered a denial-of-service attack exploiting an MWEB vulnerability, causing a 13-block chain reorganization that reversed 32 minutes of activity. The network was patched with Litecoin Core v0.21.5.4, but questions arose over a private patch timeline and potential undisclosed losses from pre-reorg swaps.
Quick Take
DoS attack and MWEB bug triggered a 13-block chain reorganization.
Private consensus patch existed weeks before the exploit; DoS patch came day-of.
Attacker pre-funded a wallet 38 hours earlier, swapped LTC to ETH on DEX.
Network restored after patched mining pools regained majority hashrate.
Market Impact Analysis
BearishThe attack and revelations about delayed patching could negatively affect Litecoin's reputation and short-term price, though the network has recovered.
Speculation Analysis
Key Takeaways
- A DoS attack and MWEB vulnerability triggered a 13-block chain reorganization on Litecoin, reverting 32 minutes of transactions.
- The consensus bug was privately patched weeks before the exploit, but not enforced across all mining pools, creating a window for attackers.
- An attacker pre-funded a wallet 38 hours prior, swapped LTC to ETH on a DEX before the reorg could be reversed.
- Litecoin Core v0.21.5.4 patched both vulnerabilities after the attack began, restoring normal network operation.
What Happened
Litecoin’s network underwent a 13-block chain reorganization late Friday, effectively erasing 32 minutes of transaction history. Attackers exploited a vulnerability in the Mimblewimble Extension Block (MWEB) protocol, enabling a denial-of-service (DoS) attack that took patched mining nodes offline. Unpatched miners then processed invalid transactions, creating a competing fork. Once the DoS ceased, the network’s longest valid chain regained dominance, reversing the invalid activity. Litecoin Core v0.21.5.4, released during the attack, closed the vulnerabilities.
The Numbers
The reorg rewound 13 blocks and 32 minutes. The consensus bug was privately patched between March 19 and 26, but the fix wasn’t mandated until the attack on April 25. An attacker’s wallet was funded 38 hours before the exploit via Binance, aimed at swapping LTC to ETH. The DoS targeted patched nodes, allowing unpatched miners to extend the invalid chain.
Why It Happened
A zero-day MWEB vulnerability combined with a DoS attack. Although the consensus bug was discovered and privately patched a month earlier, not all miners updated, leaving a split in the network. The attacker identified unpatched nodes, knocked patched ones offline, and broadcast invalid peg-out transactions. The network’s design automatically resolved the fork once honest hashrate regained majority, but the delayed public disclosure and uneven patch adoption created a window for exploitation.
Broader Impact
The incident highlights pitfalls of private security patches in decentralized networks. Litecoin’s reputation may suffer as questions linger over the response timeline and potential losses from pre-reorg swaps. It underscores the need for transparent vulnerability disclosure and rapid, coordinated upgrades across mining pools.
What to Watch Next
- Litecoin Foundation’s post-mortem and any response to community concerns about the patch timeline.
- Market reaction to the reputation hit; LTC price may face short-term pressure.
- Potential disclosure of any unrecovered funds from swaps before the reorg.
This article is for informational purposes only and does not constitute financial advice.
Always late to trends?
Join for the latest news, insights & more.
Disclaimer: Bytewit is an independent media outlet that delivers news, research, and data.
© 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.
