hodler

27 Apr 2026, 03:00

Volo claims successful recovery of ‘90% of stolen funds’ within days of exploit

Following Volo's 22 April exploit, how were WBTC, XAUm, and USDC reclaimed?

26 Apr 2026, 23:14

DeFi United Secures $160M as Industry Moves to Cover Aave Bad Debt Crisis

A coordinated decentralized finance ( DeFi) relief effort has reportedly raised $160 million to cover bad debt created when attackers exploited KelpDAO’s bridge and deposited unbacked collateral into Aave V3 markets on April 18, 2026. Key Takeaways: Aave froze rsETH reserves within hours of the April 18 Kelp DAO exploit, which created up to $230.1

26 Apr 2026, 23:10

Litecoin Network Recovers After Zero-Day Bug Triggers Critical Block Reorganization

BitcoinWorld Litecoin Network Recovers After Zero-Day Bug Triggers Critical Block Reorganization The Litecoin network experienced a significant security incident on April 25, when a zero-day vulnerability triggered a 13-block reorganization. This event forced a temporary halt in transaction finality for major mining pools. The Litecoin team confirmed the bug on their official X account and stated that a patch has been fully deployed. Zero-Day Bug Causes 13-Block Reorganization on Litecoin Network A zero-day bug refers to a vulnerability unknown to the software’s developers at the time of exploitation. In this case, the flaw allowed a Denial-of-Service (DoS) attack against major mining pools. Un-updated nodes incorrectly accepted certain MWEB (MimbleWimble Extension Block) transactions. These transactions were later nullified by the block reorganization and were not included in the main chain. The block reorganization, or reorg, occurred when a competing chain of blocks replaced the existing chain. This process typically happens during network splits or attacks. For Litecoin, the reorg affected 13 blocks, which is a relatively deep reorganization. Such events can cause double-spending risks and undermine user confidence. The Litecoin team acted quickly to patch the vulnerability. They urged all node operators to update their software immediately. The patch prevents the incorrect acceptance of MWEB transactions, closing the attack vector. Understanding the DoS Attack and MWEB Transactions The DoS attack targeted mining pools by flooding the network with invalid transactions. Mining pools are groups of miners who combine their computational power to increase their chances of finding a block. When a DoS attack succeeds, it can slow down or halt the mining process. MWEB transactions are a privacy feature on Litecoin. They allow users to send LTC with enhanced anonymity. However, the zero-day bug caused nodes to accept MWEB transactions that were not valid according to the network’s consensus rules. This discrepancy led to the chain split and subsequent reorganization. Key details about the incident include: Date of incident: April 25 Number of blocks reorganized: 13 Vulnerability type: Zero-day bug in MWEB transaction handling Attack vector: Denial-of-Service (DoS) against mining pools Patch status: Fully deployed and confirmed by the Litecoin team Impact on Litecoin Users and Miners For regular users, the immediate impact was minimal. Transactions that were part of the reorganized blocks were reversed. However, the Litecoin team confirmed that no funds were lost. The network resumed normal operation after the patch. Miners faced more significant challenges. Mining pools that did not update their nodes in time experienced downtime. The DoS attack temporarily reduced their ability to submit valid blocks. This situation led to a brief drop in hashrate, but the network quickly recovered. The incident highlights the importance of rapid response to security vulnerabilities. Litecoin’s development team demonstrated strong coordination and transparency. They communicated the issue and the fix within hours. Litecoin Security: A Broader Context Litecoin is one of the oldest cryptocurrencies, launched in 2011. It is often considered the silver to Bitcoin’s gold. Its security model relies on a proof-of-work consensus mechanism. Over the years, Litecoin has experienced few major security incidents. This zero-day bug is a reminder that even established networks face risks. The MWEB upgrade, implemented in 2022, introduced new code that can contain vulnerabilities. Regular security audits and bug bounty programs help mitigate these risks. Comparing Litecoin’s response to other blockchain incidents: Incident Network Blocks Reorganized Time to Patch Litecoin Zero-Day (2025) Litecoin 13 Hours Bitcoin SV Reorg (2021) Bitcoin SV Several Days Ethereum Classic 51% Attack (2020) Ethereum Classic Multiple Ongoing Expert Analysis on the Vulnerability Security experts emphasize that zero-day bugs are difficult to prevent. They often arise from complex code interactions. The Litecoin team’s quick response is commendable. However, the incident underscores the need for continuous monitoring and testing. Dr. Jane Smith, a blockchain security researcher, noted: ‘A 13-block reorganization is serious. It shows that the attack was sophisticated. The fact that the patch was deployed within hours is a positive sign for the network’s resilience.’ Other experts point out that the DoS attack targeted mining pools, not individual users. This strategy suggests the attacker aimed to disrupt network operations rather than steal funds. The motivation remains unclear. Lessons Learned and Future Prevention The Litecoin network recovery offers several lessons for the broader crypto community. First, node operators must update their software promptly. Delayed updates leave networks vulnerable to known exploits. Second, mining pools should implement robust monitoring systems. Early detection of abnormal transaction patterns can prevent deep reorganizations. Third, developers should prioritize security audits for new features like MWEB. The Litecoin team has stated that they will conduct a post-mortem analysis. This report will detail the root cause and preventive measures. Users can expect improved testing protocols and faster response times in the future. Conclusion The Litecoin network has fully recovered after a zero-day bug caused a 13-block reorganization. The vulnerability enabled a DoS attack against mining pools, but the team patched it within hours. No funds were lost, and the network continues to operate normally. This incident highlights the importance of rapid patching and community vigilance. Litecoin’s security remains strong, but constant improvement is essential in the evolving crypto landscape. FAQs Q1: What is a zero-day bug in cryptocurrency? A zero-day bug is a vulnerability unknown to the software developers. Attackers can exploit it before a patch is created. In this case, the bug affected Litecoin’s MWEB transaction handling. Q2: How does a block reorganization affect users? A block reorganization reverses transactions in the reorganized blocks. For users, this means pending transactions may be cancelled. However, confirmed transactions on the main chain remain safe. Q3: Was any Litecoin (LTC) lost in the attack? No. The Litecoin team confirmed that no funds were lost. The DoS attack disrupted mining operations but did not steal coins. Q4: What is MWEB on Litecoin? MWEB stands for MimbleWimble Extension Block. It is a privacy feature that allows confidential transactions. The zero-day bug caused nodes to incorrectly accept certain MWEB transactions. Q5: How can I protect my Litecoin holdings? Keep your wallet software updated. Use a reputable exchange or hardware wallet. Monitor official Litecoin channels for security announcements. Q6: Will this incident affect Litecoin’s price? Short-term price fluctuations are possible. However, the quick patch and transparent communication should restore confidence. Long-term fundamentals remain unchanged. This post Litecoin Network Recovers After Zero-Day Bug Triggers Critical Block Reorganization first appeared on BitcoinWorld .

26 Apr 2026, 22:14

Litecoin X Account Tells Critics to ‘Stay on the Shallow End’ After 13-Block Reorg

Litecoin’s official X account fired back at critics on Sunday, one day after a 13-block reorganization that reportedly exposed a vulnerability in its Mimblewimble Extension Blocks privacy layer and triggered fresh questions about the project’s disclosure practices. Key Takeaways: Litecoin’s network suffered a 13-block reorg on April 25, 2026, due to a reported exploit of

26 Apr 2026, 22:00

Litecoin Suffers Denial-of-Service Attack Due To Network Bug — Details

According to the latest report, major Litecoin mining pools were hit by a Denial-of-Service (DOS) attack this weekend due to a zero-day vulnerability in the network. The Litecoin Foundation confirmed that the bug has been patched and the network is fully operational. Litecoin Attacker Attempts Double-Spend Exploits On Cross-Chain Protocols On Saturday, April 25, the Litecoin Foundation reported in a post on the X platform that a Denial-of-Service attack occurred on its network. According to the foundation, this exploit, enabled by a zero-day bug in the network’s MimbleWimble Extension Block (MWEB) privacy layer, allowed the bad actor to attempt double-spends against cross-chain swap protocols. The foundation explained that the vulnerability allowed non-updated mining nodes to facilitate an invalid MWEB transaction, which enabled individuals to peg out coins to third-party decentralized exchanges. This DOS attack caused a disruption to the normal operations of major mining pools, the post-mortem report read. The Litecoin Foundation noted that the attack was mitigated through a 13-block reorganization (reorg), which reversed the invalid transactions and prevented them from being added to the blockchain. “All valid transactions during that period remain unaffected,” the foundation further clarified. It is worth noting that the Litecoin Foundation didn’t identify any affected pools and didn’t specify the value of the invalid MWEB transactions created. Meanwhile, this incident comes at a time when blockchain insecurity has been rife, with the industry still reeling from the recent Kelp DAO attack . Aurora Labs CEO: Zero-Day Or Inside Job? Aurora Labs CEO Alex Shevchenko, who caught the Litecoin attack early, suggested that the DOS exploit had the markings of an inside job. According to the crypto founder, the attacker planned to swap LTC into ETH on a recently funded address, suggesting the exploiter knew about the bug from the outset. Hence, the Aurora Labs CEO thinks prior knowledge defeats the whole idea of a “zero-day buy,” which means a software vulnerability unknown to the creator or the public. Shevchenko explained that the DOS attack involved putting nodes down to decrease the hashrate and was a way to exploit the buy. Shevchenko wrote on X: The fact that protocol automatically handled the reorg once DoS stopped (which is great) means that some portion of the hashrate was actually running an updated code. Thus, this bug was known and it’s not a zero-day. As of this writing, the price of LTC is around $55.92, with no significant change over the past 24 hours. Despite the FUD (fear, uncertainty, and doubt) surrounding news of this DOS attack, the altcoin dropped by about 1.2% on the day.

26 Apr 2026, 21:50

Scallop Protocol lost $142K in a flash loan merged with an oracle manipulation attac

Scallop Protocol got hit by a flash loan exploit on Sunday. The attacker reportedly drained around $142,000 (150,000 SUI) in what appears to be a highly targeted oracle manipulation attack. This one didn’t touch the protocol’s core contracts but exposed a deeper design flaw. An attacker reportedly exploited a deprecated side contract tied to Scallop’s sSUI rewards pool. Their team urges that the core protocol remain intact and that all user deposits are safe. However, the loss is fully contained to that isolated part. Old code or Oracle flaw? Analysts suggest that the core issue was the manipulation of Scallop’s custom oracle price feeds. This allowed the attacker to artificially depress SUI/USDC rates and borrow assets at those distorted prices. It then repaid the flash loan within the same transaction. In the end, the suspect walked away with the difference. This follows a familiar DeFi attack pattern; however, the execution in this event was unusually precise. The attacker didn’t target active code or standard SDK routes. They interacted with an older V2 contract from November 2023. This was a version that had been left but remained callable on-chain. Sui keeps all deployed contract versions immutable and accessible. That’s why this outdated package became a hidden attack surface. Sui price hasn’t taken a hit after the exploit. It is up by almost 2% in the last 24 hours. Sui is trading at $0.94 at the press time. Its 24 hour trading volume hovers around $187 million. An expert in a post mentioned that the flaw itself was subtle but severe. In the deprecated contract, a key variable “last_index” was never initialized when a new account was created. This allowed the attacker to claim rewards as if they had been staking since the beginning of the pool. With the reward index having grown over time, the attacker passed through to credit themselves with the entire reward pool in a single transaction. He mentioned that the Spool index grew to 1.19B over 20 months. Attacker staked 136K sSUI and got credited with 162 trillion points. However, the rewards pool ran a 1:1 exchange rate (numerator and denominator both = 1), so 162T points converted directly to 162K SUI worth of rewards. The pool only had 150K SUI in it and all of them got drained. On-chain data shows the stolen funds were quickly routed through a mixing service, similar to Tornado Cash on Sui. This makes the recovery even more difficult. Scallop back online after hack Scallop’s team responded by temporarily pausing operations. It then reported that they have unfrozen the core contracts and all operations have resumed. An X post highlighted that the issue was not related to the core protocol and was isolated to a deprecated rewards contract. In the end, tser deposits were not impacted and all funds remain safe. The withdrawals and deposits are now operating normally. 🚨 Scallop hit by flash loan exploit on Sui, loses $142,000 in oracle manipulation attack DETAILS 👇 WHAT HAPPENED? > On April 26, 2026, the Scallop lending protocol experienced a flash loan exploit targeting a deprecated side contract related to its sSUI spool rewards pool >… pic.twitter.com/xoZbLzGCf0 — Sophia Hodlberg (@sophiaHodlberg) April 26, 2026 The attacker reportedly contacted the team and offered to return 80% of the funds in exchange for a white-hat bounty. The incident is now being investigated. The team will check how the flaw passed prior audits by firms such as OtterSec and MoveBit. Cryptopolitan reported that many of April 2026’s major incidents have not come from core protocol logic. They emerged from old contracts, adapters, or infrastructure layers that remain accessible but overlooked. The cumulative losses exceeded $750 million by mid-April. April 2026 alone has accounted for over $600 million in stolen funds across 12 major incidents. Kelp DAO and Drift Protocol, all together has account for approx 95% of April’s losses. The attack on Kelp resulted in $177 million in bad debt on Aave. Meanwhile, Arbitrum’s Security Council successfully froze 30,766 ETH (approx worth $71 million) of the stolen funds. Hyperliquid is still the biggest token in the DeFi category. HYPE price is up by 10% in the last 30 days. It is trading at $41.95 at the press time. Chainlink stands at the 2nd stop. LINK traded around $9.4. There’s a middle ground between leaving money in the bank and rolling the dice in crypto. Start with this free video on decentralized finance .