Zero-Day Exploit in Litecoin Network Triggers DoS Attack, Prompts 13-Block Reorg A critical zero-day vulnerability in the Litecoin network was exploited to launch a denial-of-service (DoS) attack, disrupting major mining pools and compromising transaction integrity before developers issued a patch. The flaw, discovered in Litecoin’s MimbleWimble Extension Block (MWEB) a privacy-focused transaction layer allowed attackers to inject malformed transactions into unpatched nodes. The exploit targeted mining nodes running outdated software, bypassing input validation to process invalid MWEB transactions. These transactions enabled unauthorized coin peg-outs to third-party decentralized exchanges (DEXs), effectively circumventing standard transaction controls. The attack window persisted due to delayed patch adoption by some mining pool operators. In response, the Litecoin development team and network stakeholders executed a 13-block reorganization (reorg), rolling back the chain to reverse the fraudulent transactions. While the reorg erased the illegitimate activity, all legitimate transactions remained unaffected, and no user funds were lost. The incident underscores the risks of delayed software updates in proof-of-work networks, where unpatched nodes create exploitable gaps. The vulnerability has since been patched, and the network has stabilized. The Litecoin Foundation has not assigned a CVE identifier to the flaw at this time. Node operators and mining pools were advised to upgrade immediately to prevent further exploitation.