Key Takeaways:
A Litecoin MWEB validation bug let an attacker inflate and peg out 85,034 LTC in March 2026, but the actor returned the funds for an 850 LTC bounty. An April 2026 exploit attempt triggered a 13-block chain reorg, causing NEAR Intents to lose 11,000 LTC swapped for 7.78 BTC. Litecoin Core v0.21.5.4 patches both the inflation bug and the mining node stall that enabled the April reorg. Litecoin Developers Release Postmortem After MWEB Bug Causes Chain ReorgDevelopers said they coordinated privately with major mining pools to contain the inflated outputs before public disclosure. An emergency release, Litecoin Core 0.21.5, was pushed to miners to block new malformed inputs. A follow-up release, 0.21.5.1, added a historical exception for the already-accepted exploit block and temporarily froze the three transparent outpoints holding the attacker’s funds.
The invalid chain grew to 13 blocks before upgraded miners coordinated to overtake it. The bad chain was reorged out, but several third-party systems had already processed activity on the invalid chain before the reorg completed.
Litecoin Core 0.21.5.4 addressed the mutated-block stall by erasing stored block data for blocks classified as mutated, allowing valid data for the same block hash to be accepted later. The release was built and deployed publicly on April 25.
The postmortem blogpost acknowledged several failures in the response, including that MWEB validation relied too heavily on checks that were not applied at block connection, that the recovery required multiple staged miner releases each carrying coordination risk, and that the April mutated-block failure mode had not been tested against mining RPC behavior.
