According to the latest report, major Litecoin mining pools were hit by a denial of service (DOS) attack this weekend due to a vulnerability in the network. The Litecoin Foundation has confirmed that the flaw has been corrected and the network is fully operational.
Litecoin attacker attempts double-spending exploits on cross-chain protocols
On Saturday, April 25, Litecoin Foundation I mentioned In a post on the X platform stating that a denial of service attack had occurred on its network. According to the organization, this exploit, enabled by a zero-sum bug in the network’s MimbleWimble Extension Block (MWEB) privacy layer, allowed a bad actor to attempt double spending against cross-chain swap protocols.
The foundation explained that the vulnerability allowed out-of-date mining nodes to facilitate an invalid MWEB transaction, enabling individuals to link coins to third-party decentralized exchanges. The post-mortem report said the DOS attack disrupted the normal operations of major mining pools.
The Litecoin Foundation noted that the attack was mitigated through a 13-block reorganization, which reversed the invalid transactions and prevented them from being added to the blockchain. The institution further clarified that “all valid transactions during that period were not affected.”
It should be noted that the Litecoin Foundation has not identified any affected pools nor determined the value of the invalid MWEB transactions generated. Meanwhile, this incident comes at a time when blockchain insecurity is rampant, with the industry still reeling from recent events. DAO kelp attack.
Aurora Labs CEO: Zero Day or Inside Job?
Alex Shevchenko, CEO of Aurora Labs, who discovered the Litecoin attack early, suggested that the DOS exploit bore signs of an inside job. According to the cryptocurrency founder, the attacker planned to swap LTC for ETH on a recently funded address, suggesting that the exploiter was aware of the flaw from the beginning.
Hence, the CEO of Aurora Labs believes that prior knowledge defeats the whole idea of “instant purchase,” which means there is a vulnerability in the software that is not known to the content creator or the audience. Shevchenko He explained The DOS attack involved placing nodes to reduce the hash rate and was a means of exploiting the buyout.
Shevchenko wrote on X:
The fact that the protocol automatically handled reorganization once the DoS stopped (which is great) meant that part of the hash rate was actually running updated code. Thus, this error was known and is not day zero.
As of this writing, LTC is at around $55.92, with no significant change over the past 24 hours. Despite the fear, uncertainty, and doubt surrounding the news of this DOS attack, the altcoin fell by about 1.2% during the day.
The price of LTC on the daily timeframe | Source: LTCUSDT chart on TradingView
Featured image from PayPal, chart from TradingView
Editing process Bitcoinist focuses on providing well-researched, accurate, and unbiased content. We adhere to strict sourcing standards, and every page is carefully reviewed by our team of senior technology experts and experienced editors. This process ensures the integrity, relevance, and value of our content to our readers.
