Security

Monero Suffers 18-Block Reorganization from Qubic 51% Attack

A mining pool's majority hash rate control enabled a deep blockchain reorg, invalidating transactions and undermining network finality.
September 16, 20252 min

A white, textured sphere rests within a dynamic, translucent blue, fluid-like structure, set against a light grey background. The blue form exhibits complex ripples and varying opacities, appearing to cradle the sphere
A luminous, multifaceted blue crystal structure, shaped like an 'X' or a cross, is depicted with polished metallic components at its intersections. The object appears to be a stylized control mechanism, possibly a valve, set against a blurred background of blues and greys, with frosty textures on the lower left

Briefing

The Monero blockchain experienced its largest recorded reorganization on September 14, 2025, when the Qubic mining pool, controlling over 50% of the network’s hash rate, executed an 18-block rollback. This consensus manipulation invalidated approximately 117 confirmed transactions, forcing them back to the mempool. While no direct fund theft or double-spending was confirmed, the incident severely disrupted transaction finality and exposed a critical vulnerability in Monero’s Proof-of-Work security model.

A detailed perspective captures a futuristic, metallic blue-grey circuit board, featuring intricate pathways and prominent raised components. This advanced cryptographic hardware represents the foundational elements of Web3 infrastructure, crucial for scalable decentralized finance applications

Context

Prior to this event, Monero relied on a 10-block finality rule, presuming sufficient block confirmations would prevent such deep reorganizations. This incident follows a smaller 6-block reorg by the same Qubic pool in August 2025, signaling a growing concentration of mining power. Smaller Proof-of-Work networks, particularly those prioritizing ASIC resistance and decentralization, remain susceptible to hash rate accumulation and subsequent 51% attacks.

The image displays a close-up of metallic structures integrated with translucent blue fluid channels. The composition highlights advanced engineering and material science

Analysis

The incident leveraged the fundamental “longest chain rule” inherent in Proof-of-Work consensus mechanisms. The Qubic mining pool secretly mined a longer private chain by withholding blocks, then released it to the public network. This longer chain superseded the honest chain, causing all nodes to switch to the attacker’s history and orphan the 18 blocks mined by other participants. The attack vector exploited a critical mass of mining power, allowing the malicious actor to rewrite recent transaction history and temporarily negate the network’s established finality assumptions.

Angular, reflective metallic structures resembling advanced computing hardware interlock with vibrant blue crystalline formations encrusted with a white, frosty substance. A luminous, textured sphere, evocative of a moon, floats centrally amidst these elements

Parameters

  • Protocol TargetedMonero (XMR)
  • Vulnerability Type → 51% Attack / Blockchain Reorganization
  • Attacker Entity → Qubic mining pool
  • Financial Impact → No direct funds stolen; 117-118 transactions invalidated
  • Affected Blockchain → Monero
  • Reorganization Depth → 18 blocks
  • Date of Incident → September 14, 2025
  • Hash Rate Control → Over 50% by Qubic

The image displays a detailed, close-up view of intricate metallic and electric blue machinery components. Various black and blue cables interconnect these robust parts, suggesting a sophisticated electronic device

Outlook

Immediate mitigation includes exchanges raising confirmation requirements for Monero deposits to counteract future short reorgs. The Monero community is actively discussing protocol-level solutions such as “Publish or Perish” to penalize block withholding and exploring merge mining or chain-locking mechanisms to enhance network security. This event underscores the necessity for continuous vigilance against mining centralization, serving as a critical reminder for all Proof-of-Work networks to assess their vulnerability to majority hash rate attacks.

A close-up view showcases a futuristic, metallic device with blue glowing elements, partially encased in a translucent, blue, gel-like substance. The device features intricate internal components, including what appear to be gears and circuits, suggesting advanced mechanical and digital functionality

Verdict

This Monero 51% attack profoundly challenges the perceived immutability and transaction finality of smaller Proof-of-Work chains, demanding immediate and systemic consensus mechanism enhancements across the digital asset ecosystem.

Signal Acquired from → ccn.com

Micro Crypto News Feeds

transaction finality

Definition ∞ Transaction finality refers to the point at which a transaction on a blockchain is considered irreversible and permanently recorded.

proof-of-work

Definition ∞ Proof-of-Work (PoW) is a consensus algorithm that requires participants, known as miners, to solve complex computational puzzles to validate transactions and add new blocks to a blockchain.

mining pool

Definition ∞ A mining pool is a group of cryptocurrency miners who combine their computational resources to increase their chances of finding a block.

monero

Definition ∞ Monero is a privacy-focused cryptocurrency.

reorganization

Definition ∞ A reorganization, in the context of blockchain, refers to a process where the network's state or transaction history is restructured.

mining

Definition ∞ Mining is the process by which new cryptocurrency coins are created and new transactions are verified and added to a blockchain ledger.

blockchain

Definition ∞ A blockchain is a distributed, immutable ledger that records transactions across numerous interconnected computers.

hash rate

Definition ∞ The hash rate is a measure of the computational power dedicated to mining a cryptocurrency on a proof-of-work blockchain.

vulnerability

Definition ∞ A vulnerability refers to a flaw or weakness in a system, protocol, or smart contract that could be exploited by malicious actors to compromise its integrity, security, or functionality.

consensus mechanism

Definition ∞ A 'Consensus Mechanism' is the process by which a distributed network agrees on the validity of transactions and the state of the ledger.

Tags:

Tags: