Two days later, Litecoin developers released a final report on two major incidents related to the MWEB privacy protocol that enabled the April zero-day attack. This is the story of how the same flaw originally concealed and created 85,000 “counterfeits.” $LTC Then, a month later, another blockchain network experienced an outage.
It all started when hackers discovered a bug in MWEB (MimbleWimble Extension Block) data validation. This allowed them to perform a “peg out” operation, retreating from sensitive blocks to the main network and turning a small amount into a huge amount of 85,034. $LTCeffectively created from nothing.
Developers and miners acted quickly and the funds were frozen before they could be converted into cash. Instead of a protracted dispute, the parties reached a peaceful settlement as the hacker agreed to return the funds in exchange for an $850 legal fee. $LTC.
To keep the system perfectly balanced, Litecoin creator Charlie Lee personally purchased 850 of these. $LTC To cover the hacker’s bounty.
https://t.co/2eOU4C6bqH
— Litecoin (@litecoin) April 28, 2026
The shockwave effect: Why internal fixes failed to prevent the April incident
The problem seemed to be resolved, but a second attack using the same method occurred in April. This time, updated network nodes were able to detect and block the attack, which caused a technical collapse. A code error caused the mining equipment to start freezing while trying to process invalid data.
The network split, resulting in a 13-block rollback. Here the most serious and dangerous aspect of the situation appeared. While the Litecoin network became unstable, automated cross-chain protocols managed to accept transactions from invalid blocks. As a result:
- NEAR Intents suffered a loss of 7.78 $BTC.
- THORChain lost about 0.007 $BTC.
As of now, Litecoin Core 0.21.5.4 has been released and the vulnerability has been fully resolved. Although the network is stable, this incident clearly demonstrated how fragile the interconnections between blockchains can be under stress.
Despite Litecoin itself protecting its users and reaching an agreement with the original hackers, it could not prevent external DeFi protocols from absorbing the shockwaves caused by the network reorganization.
