Gate News message, April 26 — Litecoin underwent a deep chain reorganization on Saturday afternoon after attackers exploited a zero-day vulnerability in its MimbleWimble Extension Block (MWEB) privacy layer, according to the Litecoin Foundation. The bug allowed mining nodes running older software to validate unauthorized MWEB transactions, enabling attackers to peg coins out of the privacy extension and route them to third-party decentralized exchanges.
The chain reorg ran from block 3,095,930 to 3,095,943 and took more than three hours to complete. During this period, attackers performed double-spend attacks against multiple cross-chain swapping protocols that had accepted the now-orphaned MWEB peg-outs. Aurora Labs CEO Alex Shevchenko characterized it as a “coordinated attack” and noted that NEAR Intents faced approximately $600k in exposure. The Foundation confirmed the vulnerability has been fully patched and the offending transactions have been erased from Litecoin’s history, while valid transactions during the period remain unaffected.
Saturday’s incident marks the first known attack targeting MWEB since Litecoin activated the privacy extension via soft fork in May 2022. LTC traded near $56 on Saturday afternoon, down about 1% on the day and showing no immediate market reaction, though the token is down nearly 25% year-to-date. The incident occurs amid a challenging period for crypto security, with DeFi protocols losing over $750 million to exploits in 2026 through mid-April.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
North Korean Actors Extract $577M in Crypto Hacks Through April 2026, Accounting for 76% of Global Losses
According to TRM Labs, North Korean actors extracted approximately $577 million in the first four months of 2026, representing 76% of all global cryptocurrency hack losses during the period. The theft stems from two April incidents: the $292 million KelpDAO exploit and the $285 million Drift
GateNews1h ago
North Korea Accounted for 76% of 2026 Crypto Hack Losses in First Four Months, $577M Stolen: TRM Labs
According to TRM Labs, North Korean actors extracted approximately $577 million through the first four months of 2026, representing 76% of all global cryptocurrency hack losses during the period. The losses stem from two April incidents: the $292 million KelpDAO exploit and the $285 million Drift Pr
GateNews1h ago
Kelp completes a full upgrade of its cross-chain bridge in two weeks, and ether.fi simultaneously hardens WeETH
Two weeks after the rsETH cross-chain bridge was hacked on April 18, Kelp completed its upgrade on 4/29: validators on 4/4, 64 block confirmations, hub-and-spoke topology, and cross-chain messages must route through the Ethereum as a relay. ether.fi also hardened weETH in parallel and added a 5,000 ETH donation to DeFi United. DeFi United mobilized more than 70,000 ETH in rescue funds, and market interest rates such as Aave’s fell significantly; however, the attacker still holds about 107,000 rsETH awaiting liquidation, which requires governance and committee-style processes to recover.
ChainNewsAbmedia1h ago
Wasabi Hacked for $2.9 million: Administrator’s private key leaked, contract altered into a malicious version
Wasabi Protocol’s DeFi derivatives were hit on 4/30 after an admin private key leaked; the attacker obtained the ADMIN_ROLE via the Deployer EOA, then used the UUPS upgrade mechanism to replace the perp vaults and LongPool with malicious versions to withdraw funds directly. CertiK estimated losses at about $2.9 million. The incident affects both the Ethereum mainnet and Base. Wasabi has announced a pause in interactions, and Virtuals Protocol has also frozen Wasabi-related collateral. The incident highlights the risk that upstream private-key security poses to downstream ecosystems.
ChainNewsAbmedia3h ago
WasabiCard Clarifies No Association With Wasabi Protocol and Wasabi Wallet on April 30
According to BlockBeats, WasabiCard issued a security statement on April 30 clarifying that it has no affiliation with Wasabi Protocol, Wasabi Wallet, or related projects and institutions. The platform partners with Safeheron for custodial wallet services and collaborates with security auditor
GateNews4h ago
