Litecoin 事後檢討：MWEB 漏洞導致攻擊者偽造 85,034 LTC 提現，隨後開發人員凍結資金

📄完整原文· 由 trafilatura 自動擷取5346 字

Litecoin developers published a postmortem on Tuesday confirming two related security incidents tied to a critical Mimblewimble Extension Block validation bug that allowed an attacker to fabricate an 85,034 LTC pegout in March 2026 and later trigger a 13-block chain reorganization in April that hit Thorchain and NEAR Intents. Litecoin Postmortem: MWEB Bug Let Attacker Fake 85,034 LTC Pegout Before Devs Froze Funds Key Takeaways: - A Litecoin MWEB validation bug let an attacker inflate and peg out 85,034 LTC in March 2026, but the actor returned the funds for an 850 LTC bounty. - An April 2026 exploit attempt triggered a 13-block chain reorg, causing NEAR Intents to lose 11,000 LTC swapped for 7.78 BTC. - Litecoin Core v0.21.5.4 patches both the inflation bug and the mining node stall that enabled the April reorg. Litecoin Developers Release Postmortem After MWEB Bug Causes Chain Reorg The postmortem identified the root cause as a missing metadata check during block connection. When an MWEB input spends a previous output, the metadata it carries must match the actual UTXO being consumed. That check existed in the mempool and block-building paths, but developers confirmed it was not fully enforced at the block connection stage. Developers discovered the vulnerability through internal review on March 19. A chain scan showed exploitation had already occurred at block 3,073,882. The attacker used a malicious MWEB input whose real value was no more than 1.2084693 LTC to support a pegout of 85,034.47285734 LTC. Developers said they coordinated privately with major mining pools to contain the inflated outputs before public disclosure. An emergency release, Litecoin Core 0.21.5, was pushed to miners to block new malformed inputs. A follow-up release, 0.21.5.1, added a historical exception for the already-accepted exploit block and temporarily froze the three transparent outpoints holding the attacker’s funds. The actor attempted to spend at least one frozen output. Upgraded miners rejected the transaction. Developers then contacted the actor directly. The actor agreed to cooperate and signed a recovery transaction that returned 84,184.47278630 LTC to a developer-controlled address while keeping 850 LTC as an agreed bounty. Litecoin founder, Charlie Lee, purchased the 850 LTC needed to make the MWEB balance whole. The full 85,034.47285734 LTC was pegged back into MWEB in a single transaction at block height 3,078,098, and the resulting MWEB output was frozen. No user funds were ultimately lost in the March incident. According to the postmortem, a second attacker attempted the same exploit path in April, triggering a separate failure. Upgraded nodes rejected the malformed block, but the way mutated MWEB block data was handled caused certain mining RPC commands to hang, including the submitblock call. Upgraded mining nodes stalled while unupgraded miners continued extending the invalid chain. The invalid chain grew to 13 blocks before upgraded miners coordinated to overtake it. The bad chain was reorged out, but several third-party systems had already processed activity on the invalid chain before the reorg completed. NEAR Intents confirmed the attacker swapped 11,000 LTC for 7.78814476 BTC before the reorg completed. Those 11,000 LTC were no longer present on the valid chain after the reorg, leaving NEAR Intents with a confirmed loss. Thorchain reported a separate loss after the attacker swapped 10 LTC for 0.00719957 BTC through its bridge before the reorg. Litecoin Core 0.21.5.4 addressed the mutated-block stall by erasing stored block data for blocks classified as mutated, allowing valid data for the same block hash to be accepted later. The release was built and deployed publicly on April 25. The postmortem blogpost acknowledged several failures in the response, including that MWEB validation relied too heavily on checks that were not applied at block connection, that the recovery required multiple staged miner releases each carrying coordination risk, and that the April mutated-block failure mode had not been tested against mining RPC behavior. Community sentiment following the postmortem X post was largely supportive, with roughly 70% to 80% of replies citing appreciation for the team’s transparency and speed. Several responses noted that the chain itself held firm and that public disclosure built rather than damaged trust. Litecoin Confirms Zero-Day Bug Caused 13-Block Reorg, Network Patched and Stable Litecoin Confirms Zero-Day Bug Caused 13-Block Reorg, Network Patched and Stable Litecoin's official account confirmed on Saturday afternoon that a zero-day bug triggered a denial-of-service attack against major mining pools, leading… Read NowLitecoin's official account confirmed on Saturday afternoon that a zero-day bug triggered a denial-of-service attack against major mining pools, leading… Users and node operators are advised to upgrade to Litecoin Core v0.21.5.4 or later, verify that their node is syncing normally, and reindex if the node remains stuck after a restart. The postmortem follows Litecoin’s recent post about doing better when it comes to posting on X. “Those in charge of posting from this [X] handle will do better in the future,” the official Litecoin X account wrote after the account was accused of being “childish” earlier in the week.

資料狀態✓ 已擷取全文閱讀原文（Bitcoin.com）

🔍歷史類似事件· 關鍵字 + 標的比對2 則

2026-04-26

Litecoin 發布攻擊後更新，但其他開發者質疑 zero-day 理論

相似度 130%關鍵字 devs/litecoin

2026-04-25

Litecoin 確認 Zero-Day Bug 導致 13 個區塊的 Reorg，網路已修復並恢復穩定

相似度 130%關鍵字 bug/litecoin

💡 目前用關鍵字 + 標的比對（MVP）· 之後會升級為 embedding 語意搜尋

原始資訊

ID：6bfc05b470

來源：Bitcoin.com

發佈：2026-04-28 17:16:02

分類：一般 · 導出分類 neutral

標的：未指定

社群投票：+0 / −0 · ⭐ 0 重要 · 💬 0 留言