Litecoin Falls Victim to Denial-of-Service Attack, Successfully Reverses 13 Blocks
Late Friday and Saturday, a 13-block chain reorganization occurred on the Litecoin network, undoing approximately 32 minutes of activity. Attackers exploited a vulnerability that enabled a denial-of-service attack against major mining pools and allowed invalid transactions to bypass updated nodes before the network's longest valid chain corrected them. Litecoin Core v0.21.5.4 has been released with crucial security updates, and all users are advised to upgrade. According to the Litecoin Foundation, the bug was fully patched and the network was operating normally by Sunday morning.

However, security researchers have pointed out discrepancies in the timeline of events, citing the litecoin-project GitHub repository, which indicates the consensus vulnerability was privately patched roughly four weeks before the attack. The repository shows that the vulnerability was known and patched a month prior to the exploit but was not publicly disclosed, and the fix was not mandated for all mining pools, creating a window of vulnerability. Prominent researchers, including Alex Shevchenko, CTO of NEAR Foundation's Aurora project, have raised concerns regarding the exploit, suggesting the denial-of-service attack and the MWEB bug were separate components designed to take patched mining nodes offline.

The attack was eventually mitigated when the network automatically handled the 13-block reorganization once the DoS stopped, indicating that sufficient hashrate was running updated code to overpower the attack. The incident highlights the differences in how code maintainers and developers react to exploits across various networks: newer chains coordinate upgrades quickly, while older proof-of-work networks like Litecoin and Bitcoin rely on independent mining pools to upgrade, creating potential windows of vulnerability.