Monero's anonymity is greatly exaggerated

Another security vulnerability has been found in Monero (XMR), a coin designed to ensure maximum transaction privacy, according to news reports.

We have already written about the interest of gray miners in Monero, and this new vulnerability, which, by the way, has already been fixed, exposes XMR traders and investors to a new risk.

The fact is that hackers use XMR to create false transaction data, which is then sent to employees exchanges to trick them into crediting hackers' accounts with additional XMR tokens that they do not own. The vulnerability that allowed this to happen existed in the Monero wallet, an open source wallet that allowed the manipulation of transaction addresses. When new lines are added to the code, the amount of XMR in the transaction is multiplied, making the transfer amount higher than it actually is.

According to information provided by Next Web:

“Each additional line multiplied the amount of XMR shown, allowing exchange employees to be tricked into confirming illegal transactions. The hackers could then call the exchange and demand immediate processing, showing totals that were significantly higher than what was originally submitted for confirmation. Additionally, the bug appears to be spreading to other coins on the Monero network as hackers managed to steal ARQ coins, a hard fork of Monero, from Altex's exchange wallet."

The idea of a coin with strict privacy is to allow users to maintain complete anonymity, but in turn this allows criminals and hackers to hide behind these masks too. The risk of attack can be reduced by making the coin less private, but then the uniqueness of the coin is lost, making it almost impossible to find a solution.

 For Monero, these vulnerabilities mean that data can be exposed, which in turn negates the “privacy” of the network. You can't call a coin completely anonymous if a hacker can manipulate your assets.

According to cryptodaily.co.uk