According to a statement published on September 25, the Monero developers have fixed a bug that allowed attackers to carry out attacks on the wallets of organizations.
It is reported that this bug was discovered after one of the Reddit community members described an algorithm for a hypothetical attack on the XMR network. Presumably, this bug could have negative consequences for traders and organizations in the XMR ecosystem, and allowed cybercriminals to cause significant financial damage. A Reddit post described the possible attack:
"First, the hacker generates a random private transaction key. After that, he makes changes to the code, allowing him to use only one private key to conduct multiple transactions to invisible addresses. Ultimately, he sends, for example, a thousand transfers of 1 XMR to the exchanger's address. Since the exchanger has no protection for this case, it will, as usual, assume that the hacker's account is in 1000 XMR.
Although Monero employees note that in this way the attacker will not be able to directly obtain funds, “there is a possibility that he can find indirect ways.”
After the attack, the hacker sells XMR for Bitcoin (BTC) and withdraws BTC. As a result of the attack, the exchanger is left with 999 copies of one XMR, with which it is impossible to perform any operations. It is noteworthy that this bug did not affect the operation of the protocol or the supply of tokens. a patch for the code that they announced on their Twitter.
Currently, XMR is the tenth largest cryptocurrency, its market capitalization is almost $1.9 billion. Despite the claims of the developers about reliability and “untraceability” of the currency, scammers often choose it users as their victims. Thus, earlier this month, the MEGA extension for the Chrome browser was hacked, which allowed criminals to steal the personal data of XMR users. In June, Palo Alto Networks published an article according to which approximately 5% of the entire XMR supply was mined using malware.
According to https://cointelegraph.com/
You May Also Like
What to expect from the Litecoin 2018 summit?
Every month we see an increasing number of cryptocurrency exhibitions, conferences, and summits that are held at the highest level. We believe that these are great platforms for product launches, brand announcements, and networking. The Litecoin Foundation recently posted on Twitter that applications have begun for those wishing to attend the Litecoin Summit 2018.
The collapse of the Iranian rial has increased demand even for dubious altcoins
The Iranian rial has lost almost half its value on the unofficial market since the start of the year. The government is making attempts to stabilize the exchange rate, but against the backdrop of looming US sanctions, Iranians are desperately buying up affordable fiat, gold and cryptocurrency.
