Nexo

Start Earning Up to 16% Interest Automatically

Learn More
Home » Technology » Monero Website Hacked as Key-Stealing Wallet Was Uploaded

Monero Website Hacked as Key-Stealing Wallet Was Uploaded

by

A malicious Linux binary was served to Monero users.

Bitmex user emails were leaked

Share this article

Monero’s official website appears to have been hacked this week. Malicious actors were able to upload a compromised version of Monero’s Command Line Interface wallet that sent private keys to an external server.

On Monday, the community alerted developers on GitHub that the hash of the official release mismatched with the one available for download on the website. Hashes are used as a software fingerprint to identify exactly these kinds of manipulations — even one changed byte would completely alter the resulting hash string.

The issue lasted for about 14 hours on Monday, after which Monero developers changed the source of the wallet’s binaries.

An analysis from a security researcher shows that the modified wallet contained a malicious line that leaked the private keys of any new or existing wallet added to the software. The data was sent to a server at xmrsupport.co, what appears to be a domain created specifically for this attack. This may have been a preventative measure to not trigger system firewalls, as requests to raw IP addresses could be registered as suspicious and blocked.

The hack appears to have been at least partially successful, with one Reddit user claiming to have lost $7,000 as a consequence of the attack.

The breach is nevertheless unlikely to have affected large portions of the Monero community. Though a compromised Windows binary appears to have been created, the malware was only served to Linux users. This issue appears to be only affecting the command line wallet, which is naturally less used than the graphical interface version.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.