Monero Developers Have Patched the ‘Burning Bug’

Published at: Sept. 26, 2018

The developers of open-source cryptocurrency Monero (XMR) have patched a bug that could allow an attacker to “burn” the funds of an organization’s wallet while only losing network transaction fees, according to an announcement published September 25.

The bug was reportedly discovered after a community member described a hypothetical attack on the XMR subreddit. The bug could purportedly affect merchants and organizations in the XMR ecosystem, enabling an attacker to trigger significant damage. The blog post further describes how the bug would be exploited:

“An attacker first generates a random private transaction key. Thereafter, they modify the code to merely use this particular private transaction key, which ensures multiple transactions to the same public address (e.g. an exchange's hot wallet) are sent to the same stealth address. Subsequently, they send, say, a thousand transactions of 1 XMR to an exchange. Because the exchange's wallet does not warn for this particular abnormality (i.e. funds being received on the same stealth address), the exchange will, as usual, credit the attacker with 1000 XMR.”

While Monero notes that the attacker would not be able to directly accrue monetary gains with such an attack, “there are probably means to indirectly benefit.”

Following the attack, the hacker sells the XMR for Bitcoin (BTC) and then withdraws the BTC. As a result of the attack, the exchange is left with 999 unspendable or “burnt” outputs of 1 XMR.

Notably, the bug has not affected the protocol or the coin supply. XMR developers subsequently created and included a patch in the code, which was announced via XMR’s official Twitter account:

To any exchanges, services, merchants, and other organizations present in the Monero ecosystem, if you have not received or applied a patch yet, compiling v0.13.0.0-RC1 ensures the patch is included.

— Monero || #xmr (@monero) September 25, 2018

XMR, which claims to be a private and “untraceable” cryptocurrency, was the target of fraudulent activities in the crypto space previously. Earlier this month, the MEGA Chrome extension was compromised, which allowed cybercriminals to steal users’ XMR in addition to other sensitive information.

In June, a report published by security company Palo Alto Networks found that around 5 percent of all XMR in circulation at the time was mined maliciously. XMR reportedly has an “incredible monopoly” on the cryptocurrencies targeted by malware, with a total of $175 million mined maliciously.

XMR is currently the tenth largest digital currency, with a market capitalization of nearly $1.9 billion and a circulating supply of over 16 million, according to CoinMarketCap. At press time, XMR is trading at around $114, up 0.68 percent over the last 24 hours.

Tags
Altcoin
Cryptocurrencies
Hackers
Monero
Related Posts
Monero Discloses Bug Allowing XMR to Be Stolen From Exchanges
Several security vulnerabilities have been disclosed by Monero, including one that could have been exploited to steal xmr from exchanges, reports on the breach disclosure platform HackerOne revealed on July 3. The vulnerability theoretically enabled attackers to send counterfeit xmr to an exchange. Once the fraudster’s account was credited, they could then convert it into other coins and make a withdrawal, leaving the exchange out of pocket. Describing the critical breach they uncovered, the lead developer for CUT coin added: “It is our belief that the vulnerability cannot be used to "mint" real, transactable monero out of thin air.” A …
Altcoin / July 5, 2019
Trend Micro: Outlaw Hacking Group’s Botnet Is Now Spreading a Monero Miner
Cybersecurity company Trend Micro claims to have detected a web address spreading a botnet featuring a monero (XMR) mining component alongside a backdoor. The malware was described on Trend Micro’s official blog on June 13. Per the report, the firm attributes the malware to Outlaw Hacking Group, as the techniques employed are almost the same used in its previous operations. The software in question also holds Distributed Denial of Service (DDoS) capabilities, “allowing the cybercriminals to monetize their botnet through cryptocurrency mining and by offering DDoS-for-hire services.” Trend Micro also believes that the creators of the malware in question are …
Altcoin / June 13, 2019
Cybercriminals Sneak in Crypto Mining Malware via Confluence Software Exploit
Cybercriminals are now reportedly exploiting known vulnerability CVE-2019-3396 in the software Confluence, a workspace productivity tool made by Atlassian, according to a report by security intelligence firm Trend Micro Inc. on May 7. The exploit that has been developed allows cybercriminals to stealthily install and run a monero (XMR) miner on a vulnerable computer, as well as covering up the mining activity by using a rootkit to hide the malware’s network activity and toll on the host’s central processing unit (CPU). According to an Atlassian security advisory, the vulnerability in question only applies to some older versions of Confluence. The …
Altcoin / May 7, 2019
MEGA Chrome Extension Compromised to Steal Users’ Monero
The MEGA Chrome extension version 3.39.4 has been compromised and can now steal user’s Monero in addition to other sensitive information, according to recent posts on Twitter and Reddit. MEGA Chrome extension is a tool that claims to improve browser performance by reducing page loading times, in addition to providing a secure cloud storage service. The official Twitter account of Monero (XMR) posted a warning, advising XMR holders to steer clear of MEGA. PSA: The official MEGA extension has been compromised and now includes functionality to steal your Monero: https://t.co/vzWwcM9E5k — Monero || #xmr (@monero) September 4, 2018 Another user …
Altcoin / Sept. 5, 2018
Malware on Official Monero Website Can Steal Crypto: Investigator
The software available for download on Monero’s (XMR) official website was compromised to steal cryptocurrency, according to a Nov. 19 Reddit post published by the coin’s core development team. The command-line interface (CLI) tools available at getmonero.org may have been compromised over the last 24 hours. In the announcement, the team notes that the hash of the binaries available for download did not match the expected hashes. The software was malicious On GitHub, a professional investigator going by the name of Serhack said that the software distributed after the server was compromised is indeed malicious, stating: “I can confirm that …
Altcoin / Nov. 19, 2019