News

Monero’s CCS Wallet Was Exploited, Attacker Drains $460,000 in Nine Transactions

Key Points:

  • Monero’s CCS wallet was exploited on September 1, 2023, draining the entire balance of 2,675.73 XMR, valued at approximately $460,000.
  • The source of the vulnerability is still unknown, but blockchain security firm SlowMist suggests a “loophole in the Monero privacy model.”
  • Moonstone Research, a blockchain analysis firm, concluded that the exploiter was likely a user of the Monerujo wallet with the PocketChange feature enabled.
Monero’s CCS wallet was exploited on September 1, 2023, as revealed by the decentralized community-driven project.

Monero’s CCS Wallet Was Exploited, $460,000 Stolen

It has been reported that the attacker drained the wallet through nine transactions, depleting its entire balance of 2,675.73 XMR, which is valued at approximately $460,000. Chinese cryptocurrency reporter Colin Wu, known for his X page, Wu Blockchain, provided insights into the Monero CCS hack, which is still surrounded by mystery.

Wu also highlighted the theory by blockchain security firm SlowMist, which suggests a “loophole in the Monero privacy model” as the source of vulnerability. Monero’s disclosure revealed that the CCS, funded by donations, held a total balance of 2675.73 XMR until September 1. It was not until November that Monero developer Luigi noticed the complete theft of the wallet holdings.

Monero’s CCS Wallet Was Exploited By Hacker Traced to Monerujo Wallet with PocketChange Feature Enabled

Moonstone Research meticulously tracked the attacker’s transactions and concluded that the exploiter was likely a user of the Monerujo wallet with the PocketChange feature enabled. Monerujo, an Android-based non-custodial Monero wallet, offers PocketChange to address Monero’s limitations by dividing funds into multiple “pockets” or “notes.”

According to Monerujo’s explanation, enabling PocketChange splits a larger coin into smaller parts and spreads them into 10 different pockets. This prevents the coins from merging again, allowing instant spending from all pockets without waiting the typical 20 minutes. Moonstone Research, through four Crescent Discovery Reports, identified that the attacker generated 11 output enotes, which deviates from typical transactions. Confirming their analysis, Moonstone Research stated, “We believe this is the most likely scenario, regardless of whether the attacker was using Monerujo version 3.3.7 or 3.3.8.”

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Levii

Recent Posts

The New Lead of Presidential Crypto Council Appointed by Trump Is Bo Hines

President-elect Donald Trump named Bo Hines as the executive director of the presidential crypto council.

15 minutes ago

Best New Meme Coins with 1000X Potential: BTFD Coin’s Hot BIG50 Discount As Baby Doge Coin, Dogs Takes Gaming to the Next Level

Explore the best new meme coins with 1000X potential. Learn how BTFD Coin leads with…

1 hour ago

BlockDAG Surges Past $170M as BDAG250 Bonus End Countdown Begins – Aave Targets $400 & Solana Shines with Scalability

BlockDAG crosses $170.5M in presale success with BDAG250 bonus and Whitepaper V3 launch! Solana grows…

3 hours ago

Qubetics Presale Price Surge Approaches: The Best Coins to Invest in Right Now While Toncoin, and XRP Gain Traction

Discover why Qubetics, Toncoin, and XRP are the best coins to invest in right now.…

3 hours ago

Book of Meme Old News? This Best Meme Coin to Invest in 2024 Is Multiplying Gains Like a Champ

Over the years, meme coins have evolved from inside jokes into serious investment opportunities.

4 hours ago

Time’s Ticking on BlockDAG’s 5-Tier Bonus- Few Days Left to Grab It While Cardano Whales Take Action, Aave Rallies Strong

Discover BlockDAG's five-tier bonus program's closing phases that enhance buyer holdings. Gain insights on the…

5 hours ago

This website uses cookies.