Cryptocurrency & Blockchain Business
CCG

Monero Patches Vulnerability Bug

Share on facebook
Share on twitter
Share on linkedin
Share on telegram
Share on whatsapp
Share on pocket
Share on vk
Share on reddit

After a vulnerability has been spotted in Monero’s ecosystem, users reported it to the company. As a response to the situation, Monero developing team patched the bug that reportedly allowed hackers to “burn” the funds of the company’s cryptocurrency wallet. 

The developers of an open-source cryptocurrency Monero (XMR) reportedly fixed a bug that could allow an attacker to “burn” the funds of the company’s wallet while only losing network transaction fees. 

What is the “Burning Bug”?

According to the statement from the cryptocurrency company, the bug has been reportedly discovered after a community member described a hypothetical attack on one of the subreddits related to XMR. It could possibly affect merchants and organizations in the XMR ecosystem, thus allowing an attacker to trigger significant damage. The blog post from Monero describes how the bug would be exploited:

 “An attacker first generates a random private transaction key. Thereafter, they modify the code to merely use this particular private transaction key, which ensures multiple transactions to the same public address (e.g. an exchange’s hot wallet) are sent to the same stealth address. Subsequently, they send, say, a thousand transactions of 1 XMR to an exchange. Because the exchange’s wallet does not warn for this particular abnormality (i.e. funds being received on the same stealth address), the exchange will, as usual, credit the attacker with 1000 XMR.”

Monero Patches the Vulnerability

Monero highlights that the attacker would not be able to obtain monetary gains with such an attack. However, “there are probably means to indirectly benefit.”

After the attack, the hacker would sell the XMR for Bitcoin and withdraw the BTC. As a result of the attack, the exchange would be left with 999 unspendable or “burnt” outputs of 1 XMR. It is worth to mention that the bug has not affected the protocol of the coin supply. The developers of XMR have created and included a fix in the code. The team announced the news via XMR’s official Twitter account:

“To any exchanges, services, merchants, and other organizations present in the Monero ecosystem, if you have not received or applied a patch yet, compiling v0.13.0.0-RC1 ensures the patch is included.”

XMR claims to be a private and “untraceable” cryptocurrency, as this coin was at the center of fraudulent activities in the cryptocurrency sector previously. Earlier this month, cybercriminals stole users’ XMR by having MEGA Chrome extension compromised. 

If you enjoyed this article please share it for others to read

Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on reddit
Reddit
Share on telegram
Telegram
Share on whatsapp
WhatsApp
Share on pocket
Pocket
Share on email
Email
Share on vk
VK

Leave a Reply

 

 

 

News by Month

 

Scroll to top