Litecoin Network Faces Denial-of-Service Attack, Prompting 13-Block Rewrite

On Friday and Saturday, a 13-block chain reorganization took place on the Litecoin network, effectively rewinding 32 minutes of network activity. The reorganization was a response to a denial-of-service attack that exploited a vulnerability in the Mimblewimble Extension Block (MWEB) protocol, which allowed invalid transactions to be processed by nodes that had not been updated.

The vulnerability had been privately patched between March 19 and 26, but the fix had not been widely deployed, leaving a window of opportunity for the attackers. A new version of Litecoin Core, v0.21.5.4, has been released with security updates that address the issue. The Litecoin Foundation reported that the bug was fully patched and the network was operating normally by Sunday morning.

Security researchers have raised questions about the timeline. The vulnerability was known and patched a month before the attack, but the fix had not been publicly disclosed or mandated for all mining pools. As a result, some miners were running the patched code while others were still vulnerable, a split the attackers appear to have exploited.

The attack involved a wallet that was pre-funded 38 hours in advance, with the destination address set up to swap Litecoin for Ethereum on a decentralized exchange. The denial-of-service attack and the MWEB bug were separate components: the DoS was designed to take patched mining nodes offline, allowing the unpatched ones to form a chain that included the invalid transactions. The fact that the network automatically handled the 13-block reorganization once the DoS stopped suggests that enough hashrate was running updated code to eventually overpower the attack.

The incident highlights the differences in how networks respond to exploits. Newer chains often coordinate upgrades more quickly, while older proof-of-work networks like Litecoin and Bitcoin rely on independent mining pools to choose when to upgrade, which creates a potential window of vulnerability.
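
For operators who credit deposits after a fixed number of confirmations, the 13-block reorganization described above is the event to monitor for. The following is an added example, not code from the article or from Litecoin Core: it compares two snapshots of a node's active chain, finds the fork point and reports the reorganization depth. The `Block` fields, the `ALERT_DEPTH` threshold and the sample hashes are constructed assumptions; the 150-second spacing is Litecoin's block target.

```python
from typing import NamedTuple

TARGET_SPACING_S = 150  # Litecoin's 2.5-minute block target
ALERT_DEPTH = 6         # assumed policy threshold, not taken from the article

class Block(NamedTuple):
    height: int
    hash: str
    prev: str

def check_linked(chain):
    """Reject a snapshot whose headers do not chain by previous-block hash."""
    for parent, child in zip(chain, chain[1:]):
        if child.prev != parent.hash or child.height != parent.height + 1:
            raise ValueError(f"broken link at height {child.height}")

def find_reorg(old_view, new_view):
    """Compare two active-chain snapshots; return reorg details or None."""
    for view in (old_view, new_view):
        check_linked(view)
    on_new = {b.hash for b in new_view}
    # Fork point: highest block of the old view still on the new active chain.
    fork = next((b for b in reversed(old_view) if b.hash in on_new), None)
    if fork is None:
        raise ValueError("no common ancestor in window; fetch more history")
    depth = sum(1 for b in old_view if b.height > fork.height)
    if depth == 0:
        return None  # the tip was only extended, nothing was disconnected
    return {
        "fork_height": fork.height,
        "depth": depth,
        "rewound_minutes": depth * TARGET_SPACING_S / 60,
        "alert": depth >= ALERT_DEPTH,
    }

def at_risk(tx_confirmations, depth):
    """Txids whose confirming block was disconnected (confirmations <= depth)."""
    return sorted(t for t, c in tx_confirmations.items() if c <= depth)

def _chain(tag, first, n, parent):
    hashes = [parent] + [f"{tag}{h}" for h in range(first, first + n)]
    return [Block(first + i, hashes[i + 1], hashes[i]) for i in range(n)]

# Constructed data: shared history, then a 13-block branch replaced by a longer one.
COMMON = _chain("c", 100, 5, "c99")               # heights 100..104
OLD_VIEW = COMMON + _chain("x", 105, 13, "c104")  # branch later abandoned
NEW_VIEW = COMMON + _chain("y", 105, 14, "c104")  # branch that won

if __name__ == "__main__":
    print(find_reorg(OLD_VIEW, NEW_VIEW))
```

At the target spacing, 13 disconnected blocks correspond to 32.5 minutes, in line with the 32 minutes reported for this incident.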