Monero’s Website Was Hacked to Distribute Crypto-Stealing Malware

Michael LaVere
  • Monero's official website, GetMonero.com, was hacked and served malware to users who downloaded the wallet.
  • Monero's team responded to the situation, warning users to confirm the hashes on their wallet binaries. 

The official website for Monero (XMR), GetMonero.com, was hacked, causing users to download cryptocurrency-stealing malware when attempting to obtain the privacy-centric cryptocurrency's wallet.

According to a report by Ars Technica, GetMonero was discovered to have been hacked on Nov. 19 when a user noticed that the hash of the downloaded XMR wallet did not match the one listed on the site. User nikitasius published a post on GitHub detailing the different hashes, and other members of the community confirmed the mismatch.

Rather than being an error, the mismatched hash was determined to be the result of an attack on users of GetMonero. Users who downloaded the wallet from the website were exposed to cryptocurrency-stealing malware.

GetMonero promptly issued a warning, telling community members, 

It's strongly recommended to anyone who downloaded the CLI wallet from this website between Monday 18th 2:30 AM UTC and 4:30 PM UTC, to check the hashes of their binaries. If they don't match the official ones, delete the files and download them again. Do not run the compromised binaries for any reason.

One unfortunate Reddit user detailed losing $7,000 from his wallet after downloading the malicious client, 

I can confirm that the malicious binary is stealing coins. Roughly 9 hours after I ran the binary a single transaction drained my wallet of all $7000. I downloaded the build yesterday around 6pm Pacific time.


'Big Spender' Bitcoin Wallet Exploit Is an 'Issue With BTC Itself', Says BCH Supporter

Michael LaVere
  • Crypto security firm ZenGo has identified a double-spend exploit dubbed "BigSpender" which affected popular bitcoin wallets.
  • Exploit allows an attacker to cancel a bitcoin transaction without the receiving user knowing. 

A crypto security firm has identified a double-spend exploit targeting popular bitcoin wallet providers. 

According to a report by ZenGo, the security firm has discovered a double and multiple spend wallet exploit for bitcoin dubbed “BigSpender.” The report claims the exploit allows an attacker to cancel a bitcoin transaction but still have it appear in a victim’s vulnerable wallet. 

The report reads, 

The core issue at the heart of the BigSpender vulnerability is that vulnerable wallets are not prepared for the option that a transaction might be canceled and implicitly assume it will get confirmed eventually.

As CryptoGlobe reported, ZenGo found that a user’s balance would be increased following an unconfirmed incoming transaction, without a subsequent decrease in the event of the transaction being double-spent. The firm outlined how an attacker could use the exploit to cancel transactions of sent bitcoin while still receiving goods and services in return.
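
The accounting flaw described above can be shown side by side with a corrected design. This is an added sketch, not code from ZenGo's report or from any of the wallets named in this article; the class names, method names and sample transactions are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Tx:
    txid: str
    spends: frozenset  # outpoints consumed, e.g. {"f0:0"}
    amount: int        # satoshis this tx pays to our wallet (0 if none)

@dataclass
class NaiveWallet:
    """Flawed pattern: credit on first sight, never revisit."""
    balance: int = 0

    def on_mempool_tx(self, tx):
        self.balance += tx.amount

    def on_block(self, txs):
        pass  # implicitly assumes every seen tx confirms eventually

@dataclass
class TrackingWallet:
    """Unconfirmed credits stay separate and are dropped on conflict."""
    confirmed: int = 0
    pending: dict = field(default_factory=dict)  # txid -> Tx

    def on_mempool_tx(self, tx):
        self.pending[tx.txid] = tx

    def on_block(self, txs):
        for tx in txs:
            self.pending.pop(tx.txid, None)
            self.confirmed += tx.amount
            # A confirmed tx spending the same outpoint cancels the pending one.
            stale = [k for k, p in self.pending.items() if p.spends & tx.spends]
            for k in stale:
                del self.pending[k]

    @property
    def pending_total(self):
        return sum(t.amount for t in self.pending.values())

def replay(wallet):
    """Constructed scenario: payment seen unconfirmed, conflicting tx confirms."""
    payment = Tx("aa", frozenset({"f0:0"}), 50_000)
    conflict = Tx("bb", frozenset({"f0:0"}), 0)
    wallet.on_mempool_tx(payment)
    wallet.on_block([conflict])
    return wallet
```

Replaying the same events through both classes leaves the naive wallet showing 50,000 satoshis it never received, while the tracking wallet shows nothing confirmed and nothing pending.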

The security firm tested nine popular cryptocurrency wallets and found BRD, Ledger Live and Edge to be vulnerable to the exploit. All three companies were notified by ZenGo of the threat and subsequently updated their products. However, the firm noted that “millions” of crypto users may have been exposed to the attack prior to the update. 

Bitcoin Cash supporter Hayden Otto told Cointelegraph the exploit is particularly concerning for bitcoin-accepting merchants. 

He said, 

The technique is facilitated by RBF (replace by fee), a so-called ‘feature’ added at the protocol level by the Bitcoin Core developers. The issue exists if you use BTC. Wallet software can only make some trade off, which results in a worse BTC user experience, in order to try to protect BTC users.

Otto claimed the exploit was derived from “an issue with BTC itself” and had little to do with wallet software. 
