A recent post by Monero’ official website stated that there was a bug in the wallet which could be used by attackers to send multiple transactions to the same stealth address, which were a predominant part of Monero’s privacy. They would be used to authorize and request a sender to create random one-time addresses for all the transactions which were done on behalf of the receiver.
According to the post, this could result in attackers intentionally burning the funds of an organization present in Monero’s ecosystem. The funds can be burnt from any wallet without any additional cost except for the network transaction fees. However, the attacker does not have any direct monetary gains but might benefit from the attack indirectly.
Sending multiple transactions to the same stealth address to burn the funds of a user is not something new and there has been recorded evidence of its existence for quite some time. They further stated:
“the consequences of an organization being involved was not thoroughly thought through until a community member described a hypothetical attack on the Monero subreddit”
The Monero community stated that numerous duplicate key images can be generated by sending XMR to an identical stealth address. The network then declines the key image as it is already available on the blockchain and it will be recognized as an effort to double spend.
The official post further stated that attackers modify the code to get access to a particular private transaction key. This allows the stealth address to receive the same multiple transactions sent to the public address. The attacker could then send one thousand transactions of one XMR to any cryptocurrency exchange. Since the exchange wallets are not aware of the particular abnormality they will credit the attacker with 1000 XMR. Thus the cryptocurrency exchanges are left with 999 burnt outputs of 1 XMR.
However, The community confirmed that the bug did not affect Monero’s protocol and the coin supply was not affected. According to a recent post, the Monero [XMR] wallets on major exchanges like Poloniex, Bittrex, Cryptopia, and XMR.to were not functioning. Cryptopia, a major exchange platform also stated that the actions were taken as per the request of the Coin Developer.
Subscribe to AMBCrypto’s Newsletter
Monero [XMR] transaction fees plummet to 2 cents post the ‘Bulletproof’ hardfork
Ethereum [ETH] only accounted for 4% of Genesis trading loan book by end of September 2018
TAP releases new alpha version of their app
Cardano [ADA] continues its developmental roll; prices reflect the same
Tron [TRX] Technical Analysis: Bull pushing strong to power down bear in the short-term
Ripple partner Santander to adopt SWIFT GPI: What does it mean for XRP-powered xRapid?
XRP can now be used as collateral for $2 million instant loans
Ripple partner Santander goes live with SWIFT’s Global Payments Innovation
Bitcoin [BTC] is not going to disappear, but Ethereum [ETH], XRP and others are “going bust”, says Roubini
Tron [TRX/USD] Technical Analysis: The bulls have charged attack on the bear
Ripple and XRP rise in tandem; banking sector lays down the path for the cryptocurrency’s developments
XRP is not a security and the SEC will recognize it, says Ripple’s Chief Market Strategist
Exosis [EXO] to emerge as a rising star as one-stop solution for the cryptocurrency ecosystem
XRP sentiment gets bullish push as Ripple’s market strategist teases worldwide adoption of xRapid