Litecoin Suffers Denial-of-Service Attack Due To Network Bug — Details
According to the most recent report, main Litecoin mining swimming pools had been hit by a Denial-of-Service (DOS) assault this weekend on account of a zero-day vulnerability within the community. The Litecoin Foundation confirmed that the bug has been patched and the community is absolutely operational.
Litecoin Attacker Attempts Double-Spend Exploits On Cross-Chain Protocols
On Saturday, April 25, the Litecoin Foundation reported in a submit on the X platform {that a} Denial-of-Service assault occurred on its community. According to the inspiration, this exploit, enabled by a zero-day bug within the community’s MimbleWimble Extension Block (MWEB) privateness layer, allowed the dangerous actor to try double-spends in opposition to cross-chain swap protocols.
The basis defined that the vulnerability allowed non-updated mining nodes to facilitate an invalid MWEB transaction, which enabled people to peg out cash to third-party decentralized exchanges. This DOS assault brought about a disruption to the traditional operations of main mining swimming pools, the autopsy report learn.
The Litecoin Foundation famous that the assault was mitigated by means of a 13-block reorganization (reorg), which reversed the invalid transactions and prevented them from being added to the blockchain. “All legitimate transactions throughout that interval stay unaffected,” the inspiration additional clarified.
It is value noting that the Litecoin Foundation didn’t establish any affected swimming pools and didn’t specify the worth of the invalid MWEB transactions created. Meanwhile, this incident comes at a time when blockchain insecurity has been rife, with the business nonetheless reeling from the latest Kelp DAO attack.
Aurora Labs CEO: Zero-Day Or Inside Job?
Aurora Labs CEO Alex Shevchenko, who caught the Litecoin assault early, instructed that the DOS exploit had the markings of an inside job. According to the crypto founder, the attacker deliberate to swap LTC into ETH on a lately funded handle, suggesting the exploiter knew in regards to the bug from the outset.
Hence, the Aurora Labs CEO thinks prior information defeats the entire concept of a “zero-day purchase,” which suggests a software program vulnerability unknown to the creator or the general public. Shevchenko explained that the DOS assault concerned placing nodes right down to lower the hashrate and was a approach to exploit the purchase.
Shevchenko wrote on X:
The proven fact that protocol mechanically dealt with the reorg as soon as DoS stopped (which is nice) implies that some portion of the hashrate was truly working an up to date code. Thus, this bug was recognized and it’s not a zero-day.
As of this writing, the worth of LTC is round $55.92, with no important change over the previous 24 hours. Despite the FUD (worry, uncertainty, and doubt) surrounding information of this DOS assault, the altcoin dropped by about 1.2% on the day.
