A recent post by Monero’ official website stated that there was a bug in the wallet which could be used by attackers to send multiple transactions to the same stealth address, which were a predominant part of Monero’s privacy. They would be used to authorize and request a sender to create random one-time addresses for all the transactions which were done on behalf of the receiver.
According to the post, this could result in attackers intentionally burning the funds of an organization present in Monero’s ecosystem. The funds can be burnt from any wallet without any additional cost except for the network transaction fees. However, the attacker does not have any direct monetary gains but might benefit from the attack indirectly.
Sending multiple transactions to the same stealth address to burn the funds of a user is not something new and there has been recorded evidence of its existence for quite some time. They further stated:
“the consequences of an organization being involved was not thoroughly thought through until a community member described a hypothetical attack on the Monero subreddit”
The Monero community stated that numerous duplicate key images can be generated by sending XMR to an identical stealth address. The network then declines the key image as it is already available on the blockchain and it will be recognized as an effort to double spend.
The official post further stated that attackers modify the code to get access to a particular private transaction key. This allows the stealth address to receive the same multiple transactions sent to the public address. The attacker could then send one thousand transactions of one XMR to any cryptocurrency exchange. Since the exchange wallets are not aware of the particular abnormality they will credit the attacker with 1000 XMR. Thus the cryptocurrency exchanges are left with 999 burnt outputs of 1 XMR.
However, The community confirmed that the bug did not affect Monero’s protocol and the coin supply was not affected. According to a recent post, the Monero [XMR] wallets on major exchanges like Poloniex, Bittrex, Cryptopia, and XMR.to were not functioning. Cryptopia, a major exchange platform also stated that the actions were taken as per the request of the Coin Developer.
Subscribe to AMBCrypto’s Newsletter
Tron [TRX/USD] Technical Analysis: Bull will continue to entertain the market
Bitcoin Cash [BCH] grows 10.8% while Bitcoin SV [BSV] hikes 4.10% over 24 hours
Bitcoin [BTC]’s price rises dramatically through bear-infested empire as EOY approaches
Ethereum [ETH] Technical Analysis: Coin pulls itself outside the pit
XRP, EOS and Stellar [XLM] remain the top double digit gainers in the past 24 hours
BREAKING: Ripple class-action lawsuit rolls ahead; plaintiffs place new demand
Bitcoin [BTC] addresses blacklisting doesn’t really matter that much, says Litecoin Creator
Bitcoin [BTC]’s prices are significantly lower than its $13000-$14000 fair price, says Tom Lee
Bitcoin [BTC]: Tone Vays “couldn’t disagree more” with Tom Lee’s valuation
Bitcoin [BTC] could rally upto $333k by December 2021, after reaching $2,500 in January 2019: Bobby Lee
Bitcoin proponent: Next bull market is going to see a lot more spending of Bitcoin
Exclusive: Mati Greenspan discusses Bitcoin [BTC] bottom, market crash and more
Bitcoin [BTC] is dead in the long-term; Litecoin has been dead for a while, says Bitcoin early adopter
Binance, Bitfinex only exchanges in top-25 list not faking trading volume, says research