Litecoin Faces Denial-of-Service Attack, Successfully Reverses 13 Blocks

A chain reorganization of 13 blocks occurred on the Litecoin network, effectively reversing 32 minutes of network activity, after attackers leveraged a vulnerability in the Mimblewimble Extension Block (MWEB) protocol. The attack allowed invalid transactions to be processed by nodes that had not been updated, before the network's longest valid chain corrected them. Following the incident, Litecoin Core v0.21.5.4 was released, containing crucial security updates. The Litecoin Foundation reported that the bug had been fully patched and the network was operating normally by Sunday morning.

However, security researchers have raised concerns over the timeline of events, pointing out that the vulnerability was privately patched between March 19 and 26, roughly four weeks before the attack. The consensus vulnerability and a separate denial-of-service vulnerability were both fixed in release 0.21.5.4, after the attack had begun. This has led to questions about the effectiveness of the network's response to security threats.

Blockchain data revealed that the attacker had pre-funded a wallet 38 hours before the exploit, with the destination address configured to swap LTC for ETH on a decentralized exchange. The denial-of-service attack and the MWEB bug were separate components: the DoS was designed to take patched mining nodes offline so that the unpatched ones would form the chain that included the invalid transactions. The network's automatic handling of the 13-block reorganization once the DoS stopped suggests that enough hashrate was running updated code to eventually overpower the attack.

The incident highlights the differences in how code maintainers and developers react to exploits on various networks. Newer chains are able to coordinate upgrades quickly, while older proof-of-work networks like Litecoin and Bitcoin rely on independent mining pools to upgrade, which creates a window of vulnerability.