Loading Ratings...
On September 14, Monero suffered its biggest reorg attack to date which rolled back 36 mins of transactions. We explain what happened.
Author: Sahil Thakur
Published On: Thu, 18 Sep 2025 04:50:33 GMT
In mid-September 2025, Monero blockchain experienced its largest chain reorg to date. Over an 18-block span, previously confirmed blocks were orphaned, wiping out around 117 to 118 transactions. The attack started at block height 3,499,659 on September 14 at 5:12 AM UTC and lasted until block 3,499,676, roughly 36 to 43 minutes later.
The event was no accident. Qubic had quietly gained over 51% of Monero’s hash power in the preceding weeks. With that control, they executed a deliberate attack.
Using its hashpower dominance, Qubic carried out a selfish mining strategy. It privately mined a longer alternative chain, then suddenly broadcast it to the public network. Because Monero nodes follow the “longest chain wins” rule, they accepted the Qubic chain. This triggered the reorganization and orphaned the previous 18 blocks.
Normally, Monero treats blocks as final after 10 confirmations. But this reorg went well beyond that. It revealed that an attacker with enough hashpower could override Monero’s safeguards, even without exploiting any software bug. Instead, Qubic exploited the network’s core assumption: that no single entity would control a majority of mining power.
Qubic introduced a unique model called “useful Proof-of-Work” (uPoW). This approach redirected mining resources toward AI tasks. Meanwhile, XMR rewards from mining went toward QUBIC token buybacks and burns. As a result, Qubic miners received indirect incentives. Many joined the pool, concentrating mining power further.
By late August 2025, Qubic’s pool hovered at around 51% of Monero’s total hashrate. With that edge, they began privately mining blocks faster than the rest of the network. Then, they published an 18-block fork that overtook the public chain. All nodes switched to this version, instantly erasing about 36 minutes of transaction history.
This wasn’t Qubic’s first move. In August 2025, they executed a smaller reorg involving six blocks. They later admitted it was a test run. Two weeks before the main attack, they even managed to orphan up to 16 blocks but voluntarily limited the depth to avoid triggering double-spend concerns.
By September 14, most exchanges had raised their confirmation thresholds. With fewer risks of successful double-spending, Qubic went ahead with the full 18-block reorg. In the end, they didn’t breach any cryptographic system. They simply took advantage of Monero’s reliance on hashpower consensus, using centralized mining control to rewrite the chain’s recent hist.
The attack immediately invalidated 118 previously confirmed transactions. These were pushed back into the mempool, essentially rolling back 36 minutes of payment history. Users who thought their transactions were final saw them vanish from the official chain. Eventually, those transactions were re-added to later blocks, though the order sometimes changed. This led to delays for some payments.
Although Monero’s rules prevent identical outputs from being spent twice, the extended reorg window increased the risk. An attacker could have inserted conflicting transactions. Fortunately, no confirmed double-spends occurred. Most likely, exchanges and services had already raised their confirmation thresholds. Still, the 18-block reorg shattered the network’s short-term finality assumptions.
The network didn’t go offline, but its stability took a major hit. Within 24 hours around the attack, nearly 29.5% of blocks (213 out of 720) were orphaned. Normally, Monero sees an orphan rate well below 1%. The spike showed how unstable the chain became.
Multiple mining pools, including Qubic, HashVault, and SupportXMR produced blocks simultaneously. Many of these blocks were later discarded. Some wallets and services ran into problems due to the unusual reorg depth. For instance, some users reported wallet transaction errors tied to a known bug.
In response, many exchanges, merchants, and wallet providers quickly increased their confirmation requirements for XMR. Influential voices on social media urged merchants to demand more than the usual 10 confirmations, warning that the old rule no longer held up.
While no theft occurred, the attack proved Monero was vulnerable to deep reorgs. This kind of event often precedes double-spend attacks on proof-of-work chains. As a result, trust in Monero as a payment method declined.
Some individuals reacted strongly. One crypto commentator publicly stated he would no longer accept XMR, calling it unreliable. Others followed with caution. Merchants and services began requiring dozens or even hundreds of confirmations.
Kraken had already paused Monero deposits in August due to Qubic’s growing influence. When they resumed, they enforced a strict 720-block confirmation requirement. Other platforms also adjusted their policies. Now, Monero users face longer wait times for deposits and withdrawals on several services.
Surprisingly, Monero’s price didn’t crash. Instead, it spiked. Right after the attack on September 14, XMR rose from the high $280s to over $330—a 7% gain. It hit a two-month high, and trading volumes surged by nearly 80%.
Some speculated that Qubic timed the attack to support the price. Others believed the market simply brushed off the event as minor. Opportunistic traders may have also fueled the rally. Despite the volatility, XMR ended up about 6% higher than before the attack.
In short, the market remained bullish. But confidence among users and businesses clearly dropped. The network’s response – stricter confirmation rules and delayed processing, shows just how shaken the ecosystem was, even if the price suggested otherwise.
The Monero core developers responded quickly to the reorg attack. Within hours, contributors and researchers confirmed the incident across forums and GitHub. The team immediately began discussing emergency measures to prevent similar attacks in the future.
One major proposal was to use temporary DNS checkpoints. This method would bundle cryptographically signed block hashes into DNS records that nodes could trust. It would cap how far the chain could be reorganized. Though controversial, the idea gained traction. Developers opened a related GitHub issue in late August. By mid-September, testing had already begun.
Still, the team admitted this approach introduced a central point of trust, clashing with Monero’s decentralized ideals. As of September 18, no code patch had been officially released. However, developers hinted that a minor version update was on the way. It might include measures like raising confirmation thresholds or temporarily adding DNS checkpoints.
In parallel, Monero’s maintainers reached out to Qubic’s team. They used Discord to investigate the event and coordinate responses. Qubic even offered to self-limit its mining operations to 9-block reorgs, a gesture it claimed was in good faith.
Qubic’s founder, Sergey Ivancheglo (aka “Come-from-Beyond”), made a cryptic statement: “Monero will stay because Qubic wanted it to stay.” Many interpreted this as Qubic flexing its power – claiming it could have done worse but chose not to.
In a blog post, Qubic framed the attack as a public experiment. They claimed the goal was to expose Monero’s vulnerabilities, not to cause harm. Since they didn’t attempt double-spends and opened dialogue with developers, Qubic painted itself as a responsible actor.
Still, the Monero community remains skeptical. Even a so-called “benevolent” 51% attack sets a troubling precedent. It undermines decentralization and highlights the risks of mining centralization.
The broader community reacted with a mix of concern, debate, and realism. Some privacy advocates warned against temporary fixes like DNS checkpoints or ChainLocks. They feared these could erode the network’s trustlessness. To them, relying on “trusted” checkpoints risks moving Monero away from being permissionless.
Others took a pragmatic stance. They argued that in the face of an existential threat, some compromise might be necessary. Doing nothing could invite more attacks. In their view, short-term centralization could protect long-term decentralization.
Security experts also weighed in. Some warned that unless the community acts, Monero will remain under a constant threat. Even without exploiting the network for profit, a single entity with the power to rewrite history poses a serious risk. Businesses and users may hesitate to trust the chain.
Major exchanges responded swiftly. Kraken had already paused XMR deposits back in August, anticipating trouble. After the September reorg, Kraken and others either kept deposits suspended or reopened them with strict requirements, sometimes needing hundreds of confirmations.
Some exchanges also temporarily halted withdrawals. Binance and others issued alerts, telling users that Monero transactions might face delays or require extra steps. Payment services and merchants adjusted their systems too. Many increased confirmation times or stopped accepting XMR until the network stabilized.
Meanwhile, the community encouraged users to take more control. They urged people to run their own nodes, apply future patches, and spread mining activity across smaller pools. This strategy aimed to reduce Qubic’s influence and restore decentralization.
Importantly, the attack didn’t break Monero’s privacy features. But it did expose weaknesses in its security model. The consensus was clear: Monero’s privacy remains intact, but its consensus protections need urgent reinforcement.
Community members noticed a sudden spike in mining hashpower from a single entity. By July 28, reports suggested that Qubic’s mining pool had possibly surpassed 50% of Monero’s hashrate. This raised alarms about a potential 51% attack.
Qubic publicly claimed majority control of Monero’s hashpower. Soon after, they executed a small chain reorg—about 6 to 7 blocks—as a proof of concept. Between August 15 and 17, Kraken responded by halting XMR deposits to protect users. When deposits resumed, Kraken required 720 confirmations per transaction. Other exchanges also raised confirmation thresholds or issued warnings.
Monero developers and researchers began meeting to plan emergency countermeasures. On August 31, a GitHub issue proposed temporary DNS checkpoints to resist centralized mining attacks. The community started debating trade-offs between decentralization and security. Other ideas, like ChainLocks, merge-mining, and new mining algorithms, were suggested but not implemented yet.
Qubic continued mining heavily. In early September (Epoch 175), it secretly built a chain 16 blocks longer than the main chain. However, it only revealed a 9-block reorg, avoiding deeper disruption. This move served as a warning. Node operators reported a higher orphan rate, showing signs of network instability even before the main attack.
At 5:12 AM UTC, Monero nodes detected a major reorganization. Qubic’s hidden chain overtook the main chain at block 3,499,659. Over 43 minutes, it pushed 18 new blocks and replaced the existing ones up to block 3,499,676. The attack erased 36 minutes of transaction history. Community monitors quickly raised alarms across social platforms, urging users and businesses to increase confirmation requirements.
The reorg ended without further extension. Qubic stopped at 18 blocks, suggesting the attack was a one-time event. Developers and community leaders quickly coordinated via chat and GitHub. They confirmed that 118 transactions were dropped and needed to be re-mined. Miners began including those from the mempool shortly after.
Exchanges like Binance and Bittrex responded by suspending or adjusting XMR-related operations. Meanwhile, Qubic confirmed on Discord that the attack was intentional. Strangely, instead of falling, Monero’s price jumped by over 7% within eight hours. This rally drew media attention and added an unexpected twist to the incident.
Crypto news outlets covered the story in depth. Developers released public statements reassuring users that no funds were stolen. They also outlined potential fixes, including the planned use of DNS checkpoints. Discussions exploded across platforms. Some users called the situation overblown. Others feared it marked a deeper threat to Monero’s decentralization.
The development team accelerated its work. They tested emergency updates that let node operators use DNS checkpoints. These limited reorgs to 10 blocks during the crisis. No hard fork or major protocol change happened yet, but plans for structural updates—including a possible algorithm change—were underway.
Qubic released a blog post stating it would reduce its mining impact. It promised to limit any future reorgs to nine blocks and claimed it never intended to cause harm. By this time, most exchanges had already adjusted their systems and cautiously resumed services. Block production stabilized, and the orphan rate started to drop—possibly as miners began leaving Qubic’s pool.
On September 17, Monero’s dev team held a regular meeting. “Mining pool centralization” topped the agenda. They discussed options like rolling 10-block checkpoints and incentives to punish selfish mining. The Monero Research Lab began preparing a full postmortem. Meanwhile, the community focused on recovery.
Trust in the network began to return, thanks to quick coordination and transparency. But the event marked a turning point. It pushed Monero to rethink its security model and consider new strategies to protect decentralization.
After the September 2025 reorg attack, Monero’s developers and community carried out a detailed postmortem. They found that the root cause wasn’t a cryptographic flaw but a combination of economic and centralization issues. Monero’s relatively low total hashpower left it open to takeover once Qubic found a way to incentivize miners effectively.
This event exposed a tough trade-off: Monero’s inclusive, CPU-friendly mining design—meant to promote decentralization—ended up making it easier for one entity to dominate. The attack showed that if mining remains concentrated, the network will continue to face real risks of deep reorgs and possible double-spends.
The biggest takeaway was the urgent need for stronger finality. For nine years, Monero never saw reorgs beyond a few blocks, so users trusted that 10 confirmations meant safety. That assumption no longer holds. Now, the community sees that without better hashpower distribution or added safeguards, such trust can be misplaced.
Decentralized mining became more than a philosophical goal—it became a critical priority. As a result, new interest grew around solo mining and supporting smaller pools.
In response, Monero began deploying temporary DNS-based checkpoints. These allow node software to fetch recent signed block hashes from trusted community servers. If a rogue chain tries to reorganize beyond that point, nodes can reject it. While still optional and not network-wide, many operators have already adopted these rolling checkpoints.
Developers made it clear: these checkpoints are temporary. They plan to remove them once the threat subsides. Meanwhile, Monero’s maintainers are reviewing the 10-block lock mechanism. They’re exploring updates like manual intervention or alerts for unusually deep reorgs.
Exchanges also took action. By raising confirmation thresholds dramatically, they made it much harder and more expensive for attackers to fool their systems. This collective move serves as a temporary but powerful deterrent.
The attack reignited debates over how to make Monero more resistant to 51% attacks. Some older ideas are now under serious review:
In the short term, centralized checkpoints and increased vigilance are keeping the network stable. But Monero’s long-term path may include protocol changes via a hard fork. Any such update must balance security needs with the project’s core values of privacy and decentralization.
As one developer put it, the goal is to “restore operational finality…without distorting the original architecture.” The attack didn’t just cause technical disruptions—it forced a philosophical reckoning for the project.
The September 2025 reorg attack marked a turning point in Monero’s journey. It exposed vulnerabilities, but also prompted rapid and thoughtful action. The community is now pushing forward with stronger safeguards, both technical and social.
This moment will likely shape Monero’s future. More broadly, it offers valuable lessons to other proof-of-work cryptocurrencies wrestling with centralization and security. If Monero emerges more resilient, it will be because it faced the threat head-on—and adapted without abandoning its principles.
Real voices. Real reactions.
Weekly Crypto Update: Fed Delivers First 2025 Rate Cut
Ethereum Shanghai Upgrade: A Defining Moment in History
Real-World Use Cases of DIDs: From Blockchain to Everyday Applications
Top NFT Marketplace Platforms in 2025
Weekly Crypto Update: Fed Delivers First 2025 Rate Cut
Ethereum Shanghai Upgrade: A Defining Moment in History
Real-World Use Cases of DIDs: From Blockchain to Everyday Applications
Top NFT Marketplace Platforms in 2025
