BSV
$65.97
Vol 63.56m
-9.32%
BTC
$90197
Vol 45302.74m
-0.94%
BCH
$435.2
Vol 839.51m
-9.38%
LTC
$86.8
Vol 1528.77m
-10.51%
DOGE
$0.36
Vol 9450.51m
-2.22%
Getting your Trinity Audio player ready...

Monero’s official website was compromised to deliver a malware-infected file that steals coins from account owners. The compromise was confirmed on Tuesday, Nov. 19, the XMR Core Development Team member Binaryfate alerted Reddit readers that the binaries of the command-line interface (CLI) wallet users were downloading were briefly altered. The SHA256 hash from the downloaded file did not match the SHA256 hash listed on the official site. For 35 minutes, different CLI binaries were served. 

“If they downloaded binaries in the last 24h, and did not check the integrity of the files, to do so immediately. If the hashes did not match, do not run the download,” Binaryfate further warned Reddit readers. “If you have already run them, transfer the funds out of all wallets that you opened with the (probably malicious) executables immediately, using a safe version of the Monero wallet (the one online as we speak is safe — but check the hashes).”

The report of stolen coins was confirmed on GitHub by a professional investigator using the nickname Serhack. Approximately nine hours after he ran the binary, a single transaction drained his wallet. The build was downloaded yesterday around 6 pm PST. 

XMR Core community team member ErCiccione followed up on Monero’s (XMR) official website explaining an investigation found that a malicious version of the binaries of the CLI wallet was served. The problem occurred on Monday 18th, 2:30 am UTC, and 4:30 pm UTC. XMR holders are advised to delete the corrupted files and download them again from a safer source.

Although the Monero team states it intervened to take down the compromised file, at least one Reddit user reported losing funds.

Two guides have been provided (here and here) to help users check the authenticity of their binaries, while the correct hashes are available here.

This case is not the first time a hacking occurred on a leading blockchain development platform. In September, AirSwap’s developers announced the discovery of a critical vulnerability in the system’s new smart contract. To maintain network integrity, many development teams now offer bounty programs for exposing vulnerabilities. Users still must always check the integrity of the binaries you download. 

Recommended for you

Sentinel Node upholds heightened security with 56M snapshots
CERTIHASH keeps up with its mission to offer enterprises heightened security for their data with BSV-powered Sentinel Node, recently registering...
November 14, 2024
ODHack 9.0: Better wallet, easy testnet coins for developers
OnlyDust's ODHack 9.0 hackathon event provides developers building on the BSV blockchain with new ways to test their applications without...
November 8, 2024
Advertisement
Advertisement
Advertisement