A disruption on Litecoin briefly rattled the network on Saturday. A bug in its MimbleWimble Extension Block (MWEB) execution allowed invalid transactions to slip through outdated mining nodes. The Litecoin team stated that non-updated nodes processed a malformed MWEB transaction. This enabled coins to be pegged out to third-party DEXs.
The issue reportedly created a window where fraudulent transactions could be accepted by parts of the network that had not applied the latest patch. The exploit left minor damage on the token. $LTC price dipped marginally over the last 24 hours. $LTC is trading at $56 at the press time.
Litecoin reorg sparks 51% attack debate
The Litecoin team in a X post reported that the network executed a 13-block reorganization. This rolled back the affected chain segment and removed all invalid transactions. The team clarified that all legal transactions that happened at that time remain intact. The exploit itself was patched.
Analysts Alex Shevchenko and Zacodil flagged the unusual reorg early. However, some interpret it as a potential 51% attack.
On-chain data support the concern at first glance. Blocks between 3095930 and 3095943 took over three hours to mine. It took a long time in comparison to the expected 30 minutes based on Litecoin’s 2.5-minute block time. This suggests an average block time of roughly 13.5 minutes. That was more than five times slower than normal.
Preliminary the fork was happening starting 3095930 till 3095943
— Alex Shevchenko 🇺🇦 (@AlexAuroraDev) April 25, 2026
One analyst noted that such conditions often come across as the pattern of a 51% attack. In such a situation, an attacker builds a competing private chain before replacing the public one. However, the Litecoin team suggested that the event was a bug-triggered anomaly rather than a successful chain takeover. However, the reorg acted as a corrective mechanism.
NEAR Intents had initially estimated around $600,000 in exposure linked to the incident. It would cover user losses. With the invalid transactions now excluded from the main chain, the actual financial impact may be lower. Meanwhile, the team is yet to issue an updated statement.
$XRP val critiques PoW over Litecoin event
A validator from the $XRP Ledger commented that Litecoin may have seen conditions similar to a 51% attack. Vet argued Proof of Work is the worst security model because “you’re only as secure as someone else is willing to spend more $ to attack the network than PoW is incentivizing miners.”
Vet in a X post stated that networks like Litecoin rely on sufficient hash power to deter attacks. This means that security is closely linked to the value of the underlying asset. He argued the $XRP Ledger is built differently. Their consensus algorithm has an absolute final settlement, which means validated blocks are protected and can’t be reorganized.
He added that network security doesn’t rely on $XRP’s price. The network is as secure with $1 $XRP or $1000 $XRP, which is very important for a reliable settlement machine. $XRP price has dipped marginally over the last 24 hours. $XRP is trading at around $1.42 at the press time. Despite the debate, the Litecoin team maintains that the network is now stable.
In another post, Vet noted that there was no majority hash rate attack. Instead, it was a bug in Litecoin allowing a window for double spending, not the miner side. Now the interesting part is the 13-block reorganization. The attacker’s double-spend transactions were rolled back by honest miners using essentially the chain reorganization to restore the original state.
Alex Shevchenko, in a post, looked over the matter as a zero-day or an inside job. He mentioned that the data shows the attacker was planning to swap $LTC into ETH. This was funded 38h ago from Binance.
The attacker knew about the bug for some time. He added that the DoS attack was just putting nodes down to decrease the hashrate. There was indeed a bug in the MWEB txs. However, these two are different things. The MWEB bug is a protocol bug, and DoS is just a way to exploit it.
DeFi protocols have lost over $750 million to exploits in 2026 through mid-April. This includes the $292 million Kelp DAO bridge drain on April 19. There was another $285 million attack on the Solana-based perpetuals platform Drift on April 1. Cryptopolitan reported how THORChain seems to be becoming a hub for crypto hackers to move funds.