
Hacker Drains $5.9M From Ethereum Liquidity Provider TrustedVolumes
A hacker exploits TrustedVolumes, draining $5.9 million in crypto funds.

Litecoin developers released a report detailing a zero-day attack that created 85,000 'fake' LTC due to a bug in the MWEB privacy protocol. The hacker returned the funds for a reward of 850 LTC, but a subsequent attack caused instability in the network and affected other blockchain protocols.
Mentioned in this story
Two days later, Litecoin developers published a final report on two critical incidents related to the MWEB privacy protocol that made the April zero-day attack possible. This is a story of how the same flaw first led to the hidden creation of 85,000 "fake" LTC and then, a month later, triggered failures in other blockchain networks. It all started when a hacker discovered a bug in MWEB (MimbleWimble Extension Block) data validation. This allowed them to execute a "peg-out" operation, withdrawing from the confidential block into the main network, turning a small amount into a massive 85,034 LTC, effectively created out of thin air. Developers and miners acted quickly, and the funds were frozen before they could be cashed out. Instead of a prolonged conflict, the parties reached a peaceful resolution, as the hacker agreed to return the funds in exchange for a legal reward of 850 LTC. To ensure the system balanced perfectly, Litecoin creator Charlie Lee personally purchased these 850 LTC to cover the hacker's bounty.
— Litecoin (@litecoin) April 28, 2026
It seemed the issue was resolved, but in April, a second attack occurred using the same method. This time, updated network nodes were able to detect and block the attack, but it triggered a technical collapse. Due to a code error, mining equipment began to freeze while attempting to process invalid data. The network split, resulting in a rollback of 13 blocks. This is where the most critical and dangerous aspect of the situation emerged. While the Litecoin network was destabilized, automated cross-chain protocols managed to accept transactions from invalid blocks. As a result:
A bug in the MWEB privacy protocol allowed a hacker to execute a 'peg-out' operation, resulting in the creation of 85,034 LTC.
Litecoin reached a peaceful resolution where the hacker agreed to return the funds in exchange for a legal reward of 850 LTC.
The attack caused a network split and a rollback of 13 blocks, leading to losses for external DeFi protocols like NEAR Intents and THORChain.

A hacker exploits TrustedVolumes, draining $5.9 million in crypto funds.

Trump Media's Q1 loss widens to $406 million, heavily impacted by crypto markdowns.

Australian police seize $4.2 million in Bitcoin during raids on darknet marketplace operators.

Bitcoin miners have withdrawn 3,400 BTC as prices rise; could this impact recovery?

Experts at Consensus Miami 2026 argue sports betting should be a financial product, not gambling.

Exploring China's dual-track strategy on crypto regulation and Bitcoin mining.
See every story in Crypto — including breaking news and analysis.