Monero might be one of those cryptocurrencies that care about user anonymity, but it turns out it was also vulnerable to hacks. Well, until now, according to its core development team. Today the devs made the news by revealing that the Monero network had a severe security flaw that had gone unnoticed.
An excerpt from the bone-chilling blog post reads:
“The bug basically entails the wallet not providing a warning when it receives a burnt output. Therefore, a determined attacker could burn the funds of an organization’s wallet whilst merely losing network transaction fees.” Further adding, “In sum, a bug in the wallet software allowed a determined attacker to cause significant damage to organizations present in the Monero ecosystem with minimal cost. Fortunately, the bug did not affect the protocol and thus the coin supply was not affected.”
How does it happen?
We are not getting into the details here, but just like the Bitcoin and Ethereum networks, the Monero blockchain can also “burn” its own tokens. When several transactions pay to similar or identical stealth addresses, the Monero mainnet is programmed to allow only one “correct” transaction. It considers the remaining transactions fake and “burns” them. The burnt XMR tokens become unusable, as they are neither removed nor replaced with new tokens.
However, security researchers have recently discovered that a hacker might exploit that and smuggle tokens directly from external wallets and third-party apps.
The disclosure explains that the bad guys can generate a private key and then adjust it in such a way that it redirects funds to a certain public address (let’s say a wallet in an exchange), which is the same as the stealth address (which they control). The attackers then send a thousand transactions of one XMR to the exchange wallet.
What happens then? The blog post outlines, “Because the exchange’s wallet does not warn for this particular abnormality (i.e. funds being received on the same stealth address), the exchange will, as usual, credit the attacker with 1000 XMR. The attacker then sells his XMR for BTC and lastly withdraws this BTC. The result of the hacker’s action(s) is that the exchange is left with 999 unspendable/burnt outputs of 1 XMR.”
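The missing check can be expressed as deposit-accounting logic. The following is an added example, not code from the Monero project or its patch: it contrasts a scanner that credits every received output with one that warns on a repeated stealth address and counts at most one output per address. The class and field names, the sample transaction ids and addresses, and the policy of crediting only the largest output per address are assumptions made for the illustration.

```python
from dataclasses import dataclass

ATOMIC = 10**12  # atomic units per XMR

@dataclass(frozen=True)
class Output:
    txid: str          # constructed transaction id
    stealth_addr: str  # one-time output public key, hex (constructed)
    amount: int        # atomic units

def naive_credit(outputs):
    """Behaviour described above: every received output is credited."""
    return sum(o.amount for o in outputs)

class DepositScanner:
    """Hypothetical hardened scanner: one output per stealth address counts."""
    def __init__(self):
        self.best = {}       # stealth_addr -> largest amount seen so far
        self.credited = 0    # total credited, atomic units
        self.warnings = []   # one entry per burnt output detected

    def receive(self, out):
        """Credit an output; return the amount actually added to the balance."""
        prev = self.best.get(out.stealth_addr)
        if prev is None:
            credit = out.amount
        else:
            # Only one output per stealth address can ever be spent, so the
            # wallet's real value is the largest one; credit only the excess.
            credit = max(0, out.amount - prev)
            self.warnings.append(
                f"burnt output: tx {out.txid} reuses stealth address "
                f"{out.stealth_addr[:8]}..., credited {credit} of {out.amount}")
        self.best[out.stealth_addr] = max(prev or 0, out.amount)
        self.credited += credit
        return credit

def scan(outputs):
    """Run a fresh scanner over a list of outputs and return it."""
    scanner = DepositScanner()
    for o in outputs:
        scanner.receive(o)
    return scanner

# Constructed sample: the 1000 x 1 XMR deposits from the article, all to one
# stealth address, plus one unrelated honest deposit of 2 XMR.
REUSED, HONEST = "ab" * 32, "cd" * 32
SAMPLE = [Output(f"tx{i:04d}", REUSED, 1 * ATOMIC) for i in range(1000)]
SAMPLE.append(Output("tx-honest", HONEST, 2 * ATOMIC))
```

On the constructed sample the naive sum credits 1002 XMR, while the hardened scanner credits 3 XMR and records 999 warnings, matching the 999 burnt outputs in the quoted scenario.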
The Monero developers insist they have contacted major exchanges and offered their help in fixing the problem. In fact, they have released and sent a private patch to exchanges. We must all thank the Monero community members who voiced their concerns about the potential attack on Reddit. It helped the development team investigate and review the code before someone managed to pull a nasty trick.
In conclusion, the announcement reads, “this event is again an effective reminder that cryptocurrency and the corresponding software are still in its infancy and thus quite prone to (critical) bugs.”