Zero-dayApr 25, 2026
🚨 Litecoin has confirmed a zero-day bug caused a DoS attack that disrupted major mining pools. N...
Litecoin zero-day bug causes DoS attack on mining pools via invalid MWEB transactions.
Summary
Litecoin disclosed a zero-day vulnerability that enabled a denial-of-service attack against major mining pools through acceptance of invalid MWEB (MimbleWimble Extension Block) transactions by non-updated nodes. The attack resulted in coins being pegged out to third-party decentralized exchanges, but a 13-block reorganization reversed the invalid transactions, preventing their inclusion in the main chain.
Indicators of Compromise
- malware — MWEB transaction validation bypass
Entities
Litecoin (product)MWEB (MimbleWimble Extension Block) (technology)Mining pools (technology)