PANews reported on April 26 that Litecoin officially disclosed on the X platform that a zero-day vulnerability has recently been discovered. This vulnerability, if exploited, can launch a DoS attack, disrupting the operation of mainstream mining pools. The vulnerability exists in the MWEB (MimbleWimble Privacy Extension Block) module. An outdated mining node can execute an invalid MWEB transaction, allowing attackers to extract tokens from the privacy layer to a third-party DEX.

In response to the attack, the Litecoin network performed a 13-block reorg, completely rolling back and removing all invalid transactions to ensure they were not included in the main chain. The official statement emphasized that all valid transactions from legitimate users were unaffected during the incident. The zero-day vulnerability has now been fully patched, a client patch has been released, and the Litecoin network has returned to normal operation.