Monero activity remains after deletion, flags study the behavior of the network
According to new research from TRM Labs, Monero's activity has remained stable as major crypto exchanges push the privacy coin off the platform.
The data shows that trading usage in 2024 and 2025 will remain above levels seen before 2022, even after many large trading platforms removed or limited the signal due to tracking concerns, TRM Labs said.
In the year By 2024, major exchanges including Binance and Kraken have moved to cancel or remove Monero (XMR) over compliance issues. The pressure increased this year when Dubai's financial regulator banned privacy coins such as Monero and Zcash (ZEC) from platforms licensed by the Dubai International Financial Center (DIFC).
The findings confirm that Bitcoin (BTC) will continue to be the dominant currency for real-world ransom payments. Ransomware operators often demand Monero and sometimes offer offers for it, but victims still tend to pay in Bitcoin.
However, dark markets seem to be moving in the opposite direction. Researchers in 2010 They found that 48% of newly launched darknet markets will only support Monero by 2025, which is a significant increase compared to previous years.
Related: Dubai ban on Monero and Zcash for regulated crypto
Monero's privacy is preserved, but the network can reveal clues.
While Monero's cryptography hides the sender, receiver and amount, researchers have looked beyond the blockchain to examine how the network processes transactions on the Internet. They found that 14% to 15% of Monero nodes behaved differently than expected, indicating unusual timing patterns and interactions clustered on certain servers.
Such behavior does not mean that the network has been hacked. Instead, he suggests that some operators may run multiple connected nodes that determine how a transaction is distributed through the system. In peer-to-peer networks, computers that see the transaction before others can get clues as to where it came from.
Although Monero's on-chain encryption remains unchanged, network behavior observers can influence the theoretical identity if they can see message transmission, the report said.
Related: Why Privacy Coins Appear in Post-Hack Fund Flows
Monero update targets “spy nodes”.
In October 2025, Monroe released a new software update called Fluorine Fermi (v0.18.4.3) that aims to improve user privacy and network security. The update introduces a better peer selection system that steers wallets away from suspicious parts of the network and towards safe nodes.
The update focuses on protecting against so-called “spy nodes,” which are used by nodes or groups within the Monero community that try to link transactions to users' IP addresses. These nodes don't break Monero's encryption, but they can see how transactions travel through the network.
Privacy concerns around the web have been discussed for years. The issue gained more attention after a leaked 2024 video suggested investigators could track activity on their own nodes, sparking debate in the crypto community.
Magazine: Bitgate's Gracie Chen wants ‘entrepreneurs, not entrepreneurs'.
