Litecoin, a layer-one blockchain on Proof-of-Work, faced an attack on Saturday. According to the team, the cause was a previously unknown vulnerability. However, some developers disagree and believe the issue may have been known in advance.
The bug triggered a DoS attack on mining pools that used the updated software. As a result, their hashrate temporarily dropped.
This gave an advantage to old nodes. They were able to withdraw funds through decentralized exchanges and cross-chain services. As a result, invalid transactions began to enter the private layer of MimbleWimble Extension Blocks.
Later, the updated nodes regained control of the network. They reorganized the chain by 13 blocks and canceled all invalid transactions. They will not appear in the main chain. The Litecoin team stated that the vulnerability has already been fully fixed.
Amid this incident, there is increasing discussion about the rise in such attacks. The conversation is about hidden vulnerabilities in the code that developers do not initially know about. With the development of AI, such problems are being found faster and faster.
Some May Have Known About the Vulnerability in Advance
According to Alex Shevchenko, co-founder of Aurora, an address on Binance funded the attacker’s wallet even before the incident. This may indicate that the attack was planned in advance.
“The fact that the network automatically recovered after the DoS stoppage is a good sign. It means that part of the hashrate was already running on the updated code. Most likely, this bug was known in advance, and it is not a new vulnerability,” he said.
The timing and choice of target suggest this was not a random attack. Layer-one networks with low hashrate can no longer be considered a reliable foundation for cross-chain operations.
Cross-Chain Bridge Risks Remain
Cross-chain bridges have long been considered one of the most vulnerable points in the crypto industry. Over the past few years, billions of dollars have been stolen through them.
See Also: Cardano Developers Want Nearly $50 Million for Bitcoin DeFi and Vision 2030
One of the latest high-profile cases occurred on April 18. At that time, the Kelp protocol, associated with restaking, was attacked. As a result, the platform lost about $293 million.
