Monero Reorg Attack Explained: What Happened and Why It Matters

Published 15 September 2025

Key Takeaways

  • Monero suffered its largest-ever reorg, invalidating 118 transactions and forcing payments back to the mempool.
  • The attacker withheld blocks and later published a longer private chain.
  • The event was linked to the Qubic pool, which amassed over 50% hash rate and had staged a smaller 6-block reorg in August.
  • There’s no evidence of stolen funds or confirmed double-spends.

Monero, a popular privacy-focused cryptocurrency, recently experienced an unprecedented blockchain reorganization (or reorg) that shook the community. In a reorg attack, the normal transaction history of a blockchain is rolled back by an attacker who controls enough mining power.

Essentially, a miner (or mining pool) with the majority of the network’s computing power can secretly create a longer alternative chain and then publish it. Because most cryptocurrencies follow the rule that “the longest valid chain is the correct one,” all other nodes switch to this new chain.

This forces the network to discard the original blocks and any transactions they contained. The result can be dramatic: confirmed payments suddenly vanish and must be reprocessed, which opens the door to double-spending and undermines trust.

For Monero and other proof-of-work (PoW) coins, this kind of attack is essentially the same as a 51% attack, where one entity controls more than half of the mining power. In such a scenario, the attacker can block or reverse transactions and undermine the normal security of the blockchain.

What Is a Blockchain Reorg Attack?

A blockchain reorganization attack happens when the transaction chain is rewritten in a way that invalidates some recent blocks. In normal operation, Monero nodes follow the longest chain rule: they always treat the longest valid PoW chain as the official ledger.

In a reorg attack, however, a miner with exceptional hashpower withholds newly mined blocks instead of broadcasting them immediately. Later, the attacker releases this hidden chain. If their private chain is longer than the public one, all other nodes switch to it as the canonical history.

The “lost” blocks and transactions from the old chain are dropped as if they never happened. For example, in the recent Monero incident, the attacker’s chain overtook the public network, forcing nodes to discard 18 blocks and more than 117 transactions.

This kind of attack can enable double-spending: the attacker can spend coins on the original chain and then invalidate those transactions when the new chain takes over. In short, a reorg attack exploits PoW’s longest-chain rule to rewrite history, and it typically requires the attacker to have a very large share of the network’s mining power.

What Happened in the Monero Reorg Incident of September 2025?

In mid-September 2025, Monero suffered its biggest blockchain reorganization in history. On September 14, 2025, the network unexpectedly “rolled back” 18 blocks, erasing roughly 36 minutes of transaction history.

Independent observers quickly confirmed the event. Researchers reported that the reorganization began at block height 3,499,659 around 5:12 AM UTC and ended at height 3,499,676 about 43 minutes later. In total, around 117–118 previously confirmed transactions were invalidated (as if they never occurred) when the network switched to the attacker’s longer chain.

The reorg was linked to Qubic, a mining pool and “useful proof-of-work” project led by Sergey Ivancheglo. Qubic had quietly accumulated an exceptionally large share of Monero’s mining hash rate — over 50%. By withholding blocks and then releasing its private chain, Qubic overrode the public Monero blockchain.

Despite reversing many transactions, Monero’s price actually rose 5–7% on the day, possibly because investors saw that no coins were double-spent or stolen. Still, the event marked the deepest reorganization on record for Monero.

Because Monero’s protocol always accepts the longest chain as valid, the network had no choice but to accept Qubic’s chain. All blocks mined by honest miners during those 18 blocks were orphaned, and their transactions were sent back to the mempool. In practice, this meant that some users and businesses saw their Monero payments reversed.

The incident also shattered the conventional wisdom that waiting for 10 confirmations is enough to finalize a Monero transaction. Analysts noted that ten confirmations no longer provided sufficient assurance after this event. Many exchanges and services temporarily raised their confirmation thresholds to avoid processing risky transactions.

By the time the dust settled, the Monero developer and user community was alarmed but not panicked. Researchers confirmed that this rollback was the largest in Monero’s 12-year history and quickly pointed out that it was nearly a repeat of a smaller attack from the previous month.

Has Monero Faced Reorg Attacks Before?

Yes, Monero had a close call just weeks earlier.

  • In August 2025, the same Qubic pool targeted Monero with a smaller-scale reorg. Qubic announced that it had performed a 6-block chain reorganization on Monero, orphaning about 60 blocks of history. This move suggested Qubic briefly controlled a majority of the hashing power.
  • Exchanges reacted immediately. For example, Kraken publicly stated that it paused Monero deposits as a “security precaution” after detecting a single pool with over 50% hash power. In other words, Kraken effectively froze XMR deposits until the network stabilized.
  • Security experts described this event as a “successful 51% attack” since Qubic’s control allowed for significant manipulation of the ledger.

Prior to these incidents, Monero had not suffered any known malicious reorg or 51% attack on its mainnet. The network had a built-in 10-block “finality” rule to guard against short reorganizations, but these incidents exceeded that limit.

The August and September reorgs demonstrated that if one pool controls too much mining power, it can break the usual security assumptions of Monero’s proof-of-work rules.

Why Do Monero’s Reorg Attacks Matter for Privacy Coins and Crypto?

Monero is one of the largest privacy coins by market cap, known for strong anonymity features such as ring signatures and stealth addresses. An attack on such a coin has implications beyond just Monero.

First, it highlights that any smaller PoW network, especially those prioritizing privacy and ASIC resistance over raw hashpower, can be vulnerable if mining power concentrates. 

Privacy-focused cryptocurrencies often rely on smaller, tightly-knit mining communities. Unlike larger blockchains with massive hashrates that make reorgs nearly impossible, Monero’s lower hash rate increases its vulnerability.

For Monero specifically, the incident rattled confidence among some users and businesses. At least one crypto merchant announced it will stop accepting XMR payments until the network stabilizes.

In the broader crypto market, such incidents can also influence regulator and exchange behavior. Privacy coins are already under heavy scrutiny in many regions, and some analysts warned that this event might lead to tighter compliance rules or even delistings on certain exchanges.

On the flip side, it’s important to note that no actual funds were stolen in the reorg; the attacker only invalidated pending transactions. In fact, Monero’s price briefly rallied on the news, suggesting that investors were reassured that the coin’s core privacy tech remained intact.

Nonetheless, the attack serves as a wake-up call: it underscores the risk that even well-established privacy coins face if mining becomes too centralized.

How Can Monero Prevent Future Reorg Attacks?

Monero developers and community members are now actively discussing solutions. In the immediate aftermath, many exchanges raised the number of confirmations required for deposits, making it harder to exploit another short reorg.

On the protocol side, one popular proposal is nicknamed “Publish or Perish.” It involves two parts: a soft fork that recognizes “late blocks” (penalizing miners who withhold blocks for too long) and a hard fork that introduces reward splitting (so that miners who routinely find blocks off the main chain earn less overall). This would make selfish mining less profitable.

Developers have also revisited old ideas such as merge mining. This would allow Monero to be mined in parallel with a larger coin like Bitcoin, effectively tying Monero’s security to a larger hash rate. Another idea is adopting a form of chain locking, where independent nodes help “lock in” blocks to prevent reorgs.

In the short term, many node operators are planning to use checkpointing as a stopgap. This means hard-coding or distributing a known-good block height so nodes won’t accept alternative chains deeper than that.

Some researchers suggested DNS-based checkpoints, where trusted servers broadcast the canonical chain head. However, this approach is controversial because it introduces centralization.
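
The checkpointing stopgap above, set against the longest-chain rule described earlier, as an added example (not Monero's code and not from the article): a toy fork choice in which chain length stands in for accumulated work. The block IDs, heights and the names `Block`, `consider_chain` and `build_demo` are constructed for illustration.

```python
# Added illustration: toy fork choice, not Monero's consensus code.
from dataclasses import dataclass


@dataclass(frozen=True)
class Block:
    height: int
    block_id: str
    txs: tuple = ()


def consider_chain(current, candidate, checkpoint_height=None):
    """Longest-chain rule, optionally refusing forks at or below a checkpoint.

    Both chains are lists of Block that start at the same height.
    Returns (accepted, reorg_depth, txs_returned_to_mempool).
    """
    if len(candidate) <= len(current):
        return False, 0, []              # not longer: keep the current chain
    # First index where the two histories disagree.
    fork = next((i for i, (a, b) in enumerate(zip(current, candidate))
                 if a.block_id != b.block_id), len(current))
    depth = len(current) - fork          # blocks that would be orphaned
    if depth == 0:
        return True, 0, []               # plain extension of our own tip
    if checkpoint_height is not None and current[fork].height <= checkpoint_height:
        return False, depth, []          # fork would rewrite checkpointed history
    kept = {tx for b in candidate for tx in b.txs}
    orphaned = [tx for b in current[fork:] for tx in b.txs if tx not in kept]
    return True, depth, orphaned


def build_demo():
    """Constructed data: 10 shared blocks, then 18 public vs 19 withheld blocks."""
    shared = [Block(h, f"shared-{h}") for h in range(100, 110)]
    public = shared + [Block(h, f"pub-{h}", (f"tx-{h}",)) for h in range(110, 128)]
    private = shared + [Block(h, f"priv-{h}") for h in range(110, 129)]
    return public, private


if __name__ == "__main__":
    public, private = build_demo()
    for cp in (None, 105, 120):
        ok, depth, txs = consider_chain(public, private, checkpoint_height=cp)
        print(f"checkpoint={cp}: accepted={ok} depth={depth} "
              f"txs_back_to_mempool={len(txs)}")
```

With the checkpoint at height 120 the withheld chain is refused, while a checkpoint at 105 sits below the fork point and does not stop the 18-block rollback.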

As of now, Monero’s developers haven’t implemented a permanent fix. Developers note that each proposed change has trade-offs, and any protocol upgrade requires consensus among stakeholders. Still, the community is working toward a solution.

The fact that Monero’s privacy features remain strong is reassuring, but all agree: Monero must strengthen its defenses so that “ten confirmations” again become safe, and no single pool can dominate the network.

Conclusion

The September 2025 Monero reorg attack was a landmark moment for the cryptocurrency, exposing the risks that even established privacy coins face when mining power becomes too centralized.

Although attackers stole no funds, the 18-block rollback shook confidence in Monero’s transaction finality and exposed the limits of its 10-block safeguard. The incident also underscored the broader vulnerability of smaller proof-of-work networks, particularly those that prioritize privacy and decentralization over raw hashrate.

Looking ahead, Monero’s developers and community are strengthening defenses through proposals like “Publish or Perish,” checkpointing, and potential protocol upgrades. Ultimately, the episode is a reminder that decentralization remains the foundation of trust in any blockchain system.

FAQs

Why does a blockchain reorg attack matter?

A reorg attack occurs when a malicious miner or mining pool creates a private, longer blockchain fork and then publishes it, causing the network to adopt this new chain. This invalidates recent blocks and transactions, and usually requires majority mining power.

What happened in Monero’s recent reorg incident?

In September 2025, Monero’s blockchain underwent an 18-block reorganization. About 117 confirmed transactions were erased, and the event was linked to the Qubic mining pool, which briefly held over 50% of Monero’s hash rate.

Has Monero faced such attacks before?

Yes. In August 2025, Qubic performed a smaller 6-block reorg on Monero. This caused exchanges like Kraken to temporarily halt deposits. Before these incidents, Monero had not seen major reorg attacks.

How is Monero working to prevent future attacks?

Developers are exploring multiple solutions, including the “Publish or Perish” proposal, merge mining, and chain locks. In the short term, exchanges have raised confirmation requirements, and node operators may use checkpointing to secure the network.

Giuseppe Ciccomascolo

Giuseppe Ciccomascolo began his career as an investigative journalist in Italy, where he contributed to both local and national newspapers, focusing on various financial sectors.

Upon relocating to London, he worked as an analyst for Fitch's CapitalStructure and later as a Senior Reporter for Alliance News. In 2017, Giuseppe transitioned to covering cryptocurrency-related news, producing documentaries and articles on Bitcoin and other emerging digital currencies. He also played a pivotal role in establishing the academy for a cryptocurrency exchange website. Crypto remained his primary area of interest throughout his tenure as a writer for ThirdFloor.
