Monero’s community wallet loses all funds after the attack.
A recent attack hit Monero's community fundraising wallet, draining its entire balance of 2,675.73 Monero (XMR), worth nearly $460,000.
The incident took place on September 1st but was revealed on GitHub on November 2nd by Monero developer Luigi. According to him, the source of the breach is still unknown.
“CCS Wallet was drained of 2,675.73 XMR (full balance) at midnight on September 1, 2023. The hot wallet used for contributor payments was not affected, the balance is ~244 XMR. We have not reached it yet. Can confirm the source of the breach.”
Monero's Community Crowdfunding System (CCS) supports development ideas from its members. Monero developer Riccardo “fluffypony” Spagni wrote in a thread, “This attack is unthinkable as it takes funds that a contributor relies on to pay rent or buy food.”
Luigi and Spagni were the only two people who held the purse strings. According to Luigi's post, the CCS wallet was created in 2020 on an Ubuntu system running a Monero node.
To make payments to community members, Luigi has used a hot wallet on a Windows 10 Pro desktop since 2017. As required, the hot wallet is covered by the CCS wallet. On September 1, however, the CCS wallet was emptied in nine transactions. Monero's core team is asking the General Fund to cover existing liabilities.
“It's likely related to the ongoing attacks we've seen since April because they include a variety of compromised keys (including Bitcoin wallet.dats, seeds generated by all types of hardware and software, Ethereum pre-sale wallets, etc.) and hashed XMR,” Spagni said in the thread.
According to other developers, the breach may have originated from wallet keys that were online on the Ubuntu server.
“I wouldn't be surprised if Luigi's Windows machine was part of some unknown botnet and the operators carried out this attack with SSH session information on that machine (either by stealing the SSH key or directly using the remote desktop control capability of the Trojan when the victim was unbeknownst to them) hacked developer Windows machines leading to major corporate breaches. It's not unusual,” said pseudonymous developer Marcovellone.