Table of Contents:
Litecoin Network Affected by Zero-Day Attack in Coordinated Double-Spending Incident
The Litecoin network recently experienced a significant security breach due to a Zero-Day vulnerability that allowed attackers to execute double-spending across multiple decentralized exchange (DEX) protocols. This incident was confirmed by NEAR Intents, which reported a financial exposure of approximately $600,000, assuring users that they would be fully compensated for their losses.
The attack involved a 13-block reorganization that took over three hours to complete, effectively reversing all invalid transactions on the blockchain. The vulnerability was linked to the MWEB (Mimblewimble Extension Blocks) privacy transaction layer of Litecoin, which allowed non-upgraded mining nodes to accept invalid MWEB transactions. Consequently, attackers were able to link coins to third-party DEXs.
Get $500 free Bitcoin mining for a free testing phase:
- Real daily rewards
- 1 full month of testing
- No strings attached
If you choose to buy after testing, you can keep your mining rewards and receive up to 20% bonus on top.
"The DoS attack and the MWEB bug were two separate but coordinated mechanisms," stated Alex Shevchenko, a developer at Aurora, raising concerns about the nature of the attack.
Key facts from the official Litecoin update include:
- A Zero-Day bug caused a denial-of-service attack that disrupted major mining pools.
- Invalid MWEB transactions enabled coins to be linked to third-party DEXs.
- A 13-block reorganization reversed all invalid transactions from the main chain.
- All valid transactions during the period remain completely unaffected.
- The bug has been fixed, and the network is operating normally.
In summary, the Litecoin network faced a serious threat from a Zero-Day vulnerability that allowed for double-spending, resulting in significant financial implications for NEAR Intents. However, the network has since been restored to normal operations following the implementation of a fix.
Concerns Over Potential Insider Knowledge
Following the attack, questions have arisen regarding the possibility of insider knowledge related to the vulnerability. Shevchenko highlighted that the attacker's wallet was funded 38 hours prior to the exploit via Binance, suggesting a level of premeditation. Furthermore, he pointed out that the denial-of-service attack and the MWEB bug were executed in a coordinated manner, raising suspicions about the awareness of certain miners regarding the upgrade status of their nodes.
Shevchenko's concerns include:
- The automatic recovery process indicates that upgraded nodes existed, implying prior knowledge of the bug.
- RPC providers like QuickNode were reportedly not informed, despite miners being up to date.
- There is speculation that the attacker may have known which miners had upgraded and which had not.
In conclusion, the Litecoin incident has not only raised alarms about security vulnerabilities but also about the potential for insider involvement. The core Litecoin team has yet to address these allegations directly, leaving the community with lingering questions.
Sources:
