Quick TakeQuick Take
- The Litecoin Foundation said Saturday that a zero-day bug enabled a denial-of-service attack against major mining pools.
- A 13-block reorganization reversed the invalid transactions on the canonical Litecoin chain.
- Attackers used the more than three-hour fork window to attempt double-spends against cross-chain swap protocols, some of which have reported losses.
- The Foundation said the bug is now fully patched.
Litecoin suffered a deep chain reorganization (or "reorg") on Saturday after attackers exploited a zero-day vulnerability tied to its MimbleWimble Extension Block (MWEB) privacy layer, the Litecoin Foundation said in an X post on Saturday afternoon.
The bug allowed mining nodes running older software to validate an invalid MWEB transaction, letting whoever crafted it peg coins out of the privacy extension and route them to third-party decentralized exchanges, the Foundation said. Major mining pools were also hit by a denial-of-service attack tied to the same flaw.
...read more at theblock.co
pull down to refresh
related posts
I thought old chain links were supposed to be invulnerable from being edited once confirmed and completed so many times. How did they figure out how to edit old blocks all over again?
I'm guessing the miners agreed to erase the last 13 blocks.
https://twiiit.com/litecoin/status/2048135554445832542