On April 25, the Litecoin community underwent a major 13-block reorganization after attackers exploited a zero-day vulnerability in its MimbleWimble Extension Block (MWEB) privateness layer.
How the assault unfolded
The bug enabled unknown events to launch a denial-of-service assault that disrupted main mining swimming pools.
Nodes working outdated software program then improperly validated invalid MWEB transactions, permitting attackers to work together with these cash and ship them to third-party DEX platforms.
Alex Shevchenko, CEO of Aurora Labs, described the incident as a “coordinated assault,” noting the reorg affected blocks #3,095,930 via #3,095,943 and took over three hours to resolve.
Throughout that window, attackers executed double-spending assaults towards a number of cross-chain protocols.
Builders reverse the harm
In response, Litecoin builders carried out the 13-block reorganization to strip the invalid transactions from the chain.
The official Litecoin account acknowledged:
“All legitimate operations throughout this era stay unchanged. The bug has been absolutely fastened, and the community continues to function usually.”
The incident highlights an actual rigidity in proof-of-work networks: nodes can run outdated software program indefinitely, and when sufficient of them do, a cut up in consensus guidelines turns into exploitable.
Market affect minimal, however questions linger
The LTC worth barely moved, buying and selling round $56 with a 0.5% decline on the day.
Nonetheless, the episode raises uncomfortable questions on transaction finality — if 13 confirmed blocks may be erased, what number of confirmations does it take to really feel really safe?
Again in September 2025, Monero skilled its largest blockchain reorganization in 12 years, with the community rolled again 18 blocks and 117 transactions invalidated.