On 5th September, Monero released a report in which they announced a post mortem of the multiple counting bug that they faced recently. The report provided a detailed information about the bug and how it was used to exploit services, merchants and exchanges.
The multiple counting bug had two variants, which required a different structure of the transaction public key. It was introduced in conjunction with the subaddress feature.
In the first variant of the bug, the code did not impose an inspection to guard against duplicate public keys. This vulnerability resulted in attackers creating a transaction in which the transaction public key would be included multiple times. This resulted in the duplication of the particular transaction public key.
In the second variant of the bug, the code did not impose a check against dummy transaction public keys. Therefore, a hacker could trick the wallet into scanning the outputs in a transaction twice by utilizing the alternative transaction public key feature. As a result, the receiving wallet would report that it had received two times the amount that it had actually received.
The first variant of the bug was earlier reported on GitHub, and the severity of the bug was underestimated. This resulted in the exploitation of exchanges, and funds being stolen from organizations in the Monero ecosystem.
Moreover, a security researcher for HackerOne provided an elaborate report on how the bug was being utilized to steal funds from exchanges. The second variant of the bug was reported by Phiren on HackerOne.
After merging both the patches, Fluffypony, Monero’s Lead Maintainer released a new version V0.12.3.0. The severity of a critical bug in the wallet software was initially underestimated which allowed an attacker to steal funds from organizations in the Monero ecosystem.
Fortunately, the bug was confined to the accounting functions of the wallet software, and thus the protocol and coin supply were not affected. The Monero community also spoke about the adequate measures taken to solve the problem. DubsNC stated on Reddit:
“Yeah, the mailing list doesn’t sound like a good idea to me. It does sound like a high value target list for an adversary. How about just a signed update flag in the protocol that tells all full nodes to update at the sale time?”
Flenst, an enthusiastic Redditor stated:
“I am really glad to see that mistakes that have been done won’t be repeated and there will be better solutions in the future to disclose vulnerabilities like this to services in a more reliable way.”
Subscribe to AMBCrypto’s Newsletter
Ripple official claims that in time banks will adopt cryptocurrencies but before that it will be small companies
Ripple to lay xCurrent base in India? Industry player talks about partnership
Litecoin [LTC/USD] Technical Analysis: Bear’s hunger for bulls reflected in price trend
Winklevoss Twins launch new app; say they are “at home” with the crypto-winter
Ethereum’s [ETH] Vitalik Buterin talks about non-financial applications of blockchain in a tweetstorm
BREAKING: Ripple class-action lawsuit rolls ahead; plaintiffs place new demand
XRP to $589 proponent and rumored Ripple insider Bearableguy123 resurfaces: Can 1635x growth occur in 28 days?
Bitcoin [BTC] futures on Nasdaq confirmed by company executive; to be launched in first half of 2019
Ripple CEO responds to NYSE Chairman’s comment on digital assets
XRP twitter army blocked by Dogecoin [DOGE] creator after facing backlash to his comment on Ripple
XRP ecosystem blooms as the year ends; Ripple, r3 leave animosity behind and more
Bitcoin Cash [BCH] ABC to be delisted from all exchanges, says Bitcoin SV [BSV]’s Calvin Ayre
Cardano [ADA] creates record by becoming 4th biggest loser in terms of trading price against all-time high
Tron [TRX]’s weekly report: New multi-signature wallet underway, Accelerator program gains momentum