Vulnerabilities discovered in Monero
|- Monero revealed that they had nine security vulnerabilities.
- One of these vulnerabilities could have allowed hackers to steal XMR from cryptocurrency exchanges.
Monero (XMR), the privacy-focused altcoin, revealed that they had nine security vulnerabilities, one of which could have allowed hackers to steal XMR from cryptocurrency exchanges. Till March, malicious miners could have used the vulnerability to create “specifically-crafted” blocks to force Monero wallets into accepting fake deposits for an amount chosen by the attacker. Security researchers in a HackerOne report declared, “It is our belief that this can be exploited to steal money from exchanges.” They were rewarded with 45 XMR ($4,100) for their efforts.
Along with this, five DoS attack vectors, one of which was labeled as “critical.” Andrey Sabelnikov discovered the bug. The flaw could’ve enabled malicious actors to take Monero nodes down by requesting large amounts of blockchain data from the network. Sabelnikov told Hard Fork:
“If you have quite a big blockchain (with long history like Monero […]), then you can push a protocol request that will call all of its blocks from another node, which could be hundreds of thousands of blocks….Preparing such a response can take a lot of resources. Eventually, the OS might kill it due to the huge memory consumptions, which is typical of Linux systems.”
Sabelnikov also warned that other crypto projects using CryptoNote, Monero’s underlying protocol, are also vulnerable to these attacks.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.