Posted on

Businesses Increasingly See Crypto Mining Attacks in Cloud Infrastructures

American telecoms firm AT&T said that businesses are seeing more crypto mining attacks despite the ongoing bear market.

Cryptocurrency mining is reportedly one of the most observed objectives of hackers attacking businesses’ cloud infrastructures, according to a report by AT&T Cybersecurity on March 14.

The cybersecurity wing of United States telecoms firm AT&T stated that organizations of all sizes continue to face major crypto mining attacks despite the ongoing bear market.

In the new report, AT&T examined the most significant forms of cryptojacking associated with mining attacks on organizations’ cloud infrastructure.

AT&T outlined four major cryptojacking tactics used by hackers: compromising container management platforms, control panel exploitation, theft of application programming interfaces (APIs), and spreading malicious Docker images.

Container management is a major process deployed by enterprise systems, which includes all necessary components to run software, including files and libraries. AT&T researchers have found that cryptojackers were using unauthenticated management interfaces and open APIs to compromise container management platforms for illicit cryptocurrency mining.

In this regard, AT&T cited an attack reported by security vendor RedLock, where an attacker compromised open-source container management system Kubernetes. The attackers used the compromised Kubernetes server in Amazon Web Services to mine Monero (XMR) and take over access to client data.

After providing a detailed description of hackers’ strategies to mine crypto through cloud structures, AT&T provided a number of recommendations for detecting mining attacks on cloud systems.

Recently, crypto mining service Coinhive announced its closure, as the platform has reportedly become economically inefficient. It reportedly had to shut down its services amidst a 50 percent decline in hash rate following the last Monero hard fork. The firm said it would halt operations on March 8, 2019, while users’ dashboards will be accessible until April 30, 2019.

Following the news, researchers from Canadian Concordia University reported that the Coinhive script was placed on more than 30,000 websites, representing 92 percent of all websites based on JavaScript cryptocurrency mining scripts.

Google Deletes Crypto Malware Targeting Blockchain.com, MyEtherWallet Users

The malicious Google Chrome web extension was tied to a fake token airdrop from cryptocurrency exchange Huobi.

A Google Chrome browser extension tricking users into participating in a fake airdrop from cryptocurrency exchange Huobi claimed over 200 victims, a security researcher reported in a blog post on March 14.

The extension for Chrome web browser, with the name NoCoin, gained 230 downloads before Google deleted it, according to Harry Denley, who runs cryptocurrency scam database EtherscamDB.

Denley noted that hackers had purposely disguised the malicious extension to look like a tool protecting users from cryptocurrency malware or so-called cryptojacking.

“From the start, it looked like it did what it should — it was detected [sic] various CryptoJacking scripts […] and there was a nice UI to let me know it was doing its job,” he explained in the blog post.

Behind the facade, however, it became apparent the extension requests the input of private keys from popular wallet interfaces MyEtherWallet (MEW) and Blockchain.com. Private keys are then sent to hackers, who can empty wallets of holdings.

The extension lay at the end of a fake giveaway campaign, ostensibly from crypto exchange Huobi, which offered worthless ERC20 Ethereum network-based tokens to unwitting consumers.

It is unknown how long the extension remained available for Google Chrome users.

As Cointelegraph continues to report, bad actors targeting cryptocurrency users have sought increasingly nefarious methods of tricking novices into handing over access to funds. Just this week, a report identified cryptojacking as a sign of increasingly discreet behavior among hackers.

Google itself has come under fire for its own apparent lack of diligence in the past, in February pulling a fake version of popular decentralized app MetaMask from its Play store.

As Cointelegraph reported last month, users of cryptocurrency wallets Electrum and MEW were also facing phishing attacks, according to posts published on Reddit and Twitter.

Japan: Hacker Involved in 15 Mln Yen Crypto Theft Referred to Prosecutors

An 18-year-old cryptocurrency hacker was reportedly referred to prosecutors in the Japanese city of Utsunomiya for the theft of 15 million yen worth of cryptocurrency.

An 18-year-old hacker was referred to prosecutors in the Japanese city of Utsunomiya for stealing cryptocurrency, local news outlet Japan Today reported on March 14.

The cybercriminal allegedly hacked Monappy, a digital wallet which can be installed on a smartphone, and stole 15 million yen ($134,196) of cryptocurrency between Aug. 14 and Sept. 1 of last year. The hack reportedly affected more than 7,700 users.

The hacker reportedly used the Tor software that enables users to anonymize web traffic. However, the police identified the hacker by analyzing the communication records stored on the website’s server. According to Japan Today, the hacker admitted to the allegations.

The attacker submitted multiple cryptocurrency transfer requests to his own account, which overwhelmed the system and allowed him to direct more funds to his account. After that, he transferred the coins to another cryptocurrency operator, received dividends and spent the money.

As Cointelegraph Japan previously reported, there was no impact on the cold wallet, which held 54.2 percent of Monappy’s total balances, and no user information, such as email addresses and passwords, was stolen. The company subsequently announced compensation for the lost funds.

The alleged hacker’s identity is reportedly being kept anonymous due to his status as a minor. In Japan, a minor is a person under 20 years of age.

In 2018, over 7,000 cases of suspected money laundering tied to crypto were reported to Japanese police. More than 7,000 suspect transactions reportedly betrayed various red flags — such as being linked to user accounts held under different names and birth dates, but with an identical ID photo.

On a global scale, exchange hacks have been the most lucrative modus operandi for cyber criminals in 2018, having generated close to $1 billion in revenue. Following an initial hack, the cybercriminals often move stolen funds to a plethora of wallets and exchanges in order to cover their tracks.

Report: Over 40 Bugs in Blockchain and Crypto Platforms Detected Over Past 30 Days

White hat hackers have reportedly detected over 40 bugs in blockchain and cryptocurrency platforms over the past 30 days.

White hat hackers have detected over 40 bugs in blockchain and cryptocurrency platforms over the past 30 days, tech news outlet The Next Web (TNW) reported on March 14.

According to an investigation conducted by TNW, 13 blockchain- and cryptocurrency-related companies were hit with a total of 43 vulnerability reports from Feb. 13–March 13.

In the blockchain field, e-sports gambling platform Unikrn reportedly got the most vulnerability reports, amounting to 12 bugs. Unikrn is followed by OmiseGo developer, Omise, having received six bug reports. In third place is EOS, with five vulnerability reports.

Consensus algorithm and peer-to-peer (P2P) networking protocol Tendermint received four bugs. Tendermint is followed by decentralized prediction market protocol Augur and smart contracts platform Tezos, with three each. Anonymity-focused cryptocurrency Monero, ICON, and MyEtherWallet reportedly saw two vulnerability reports each.

Major American crypto exchange Coinbase and the developer of blockchain browser Brave, Brave Software, reportedly received one vulnerability report each.

The hackers received a total of $23,675 for their efforts, of which Tendermint contributed the most at $8,500. EOS gave $5,500 in rewards, while Unikrn awarded $1,375. TNW says that the low bounty amount suggests that the bugs were not critical.

In contrast, tens of thousands of dollars in bounties were handed out by EOS to white hat hackers who found critical vulnerabilities in its platform.

This week, major hardware wallets manufacturer Ledger unveiled vulnerabilities in its direct competitor Trezor’s devices. Among other issues, the Trezor device could purportedly be imitated by backdooring the device with malware and then re-sealing it in its box by faking a tamper-proof sticker, which is reportedly easy to remove.

Trezor subsequently responded to the claims, stating that none of the weaknesses revealed by Ledger are critical for hardware wallets. According to Trezor, none of them can be exploited remotely, as the attacks described require “physical access to the device, specialized equipment, time, and technical expertise.”

Previously Hacked Gatecoin Exchange Receives Liquidation Order Following Banking Problems

Hong Kong-based Bitcoin and Ethereum exchange Gatecoin was granted a winding-up order on March 13.

Gatecoin, a crypto exchange that was hacked in May 2016, announced on March 13 that it has received a winding-up (compulsory liquidation) order from an unspecified court.

The company wrote that Gatecoin will have to cease operation with immediate effect, noting that the exchange will assist in the liquidation process in order to distribute assets to the creditors.

The Hong Kong-based exchange had suffered a major hack back in May 2016, with around $2 million in cryptocurrencies lost after the firm reported a security breach that gave hackers access to Gatecoin’s hot wallets.

According to the team’s statement at the time, hackers stole 250 Bitcoin (BTC) and 185,000 Ethereum (ETH), which represented 15 percent of Gatecoin’s total crypto assets. At press time, such an amount of BTC and ETH is worth around $25.5 million, according to data from CoinMarketCap.

In the recent announcement, Gatecoin wrote that the firm started working with a Payment Service Provider (PSP) following issues with its banking partners in September 2018. In the post, Gatecoin appeared to blame the PSP for the liquidation process, claiming that it failed to process most of the transfers in a timely manner, which “almost paralyzed our operation for many months and caused substantial loss.”

Gatecoin further elaborated:

“Even after we managed to mitigate our loss by replacing that PSP with more reliable alternatives to process our clients’ transfers in September 2018, the situation did not improve because that PSP retained a large part of our funds.”

The company explained it tried to recover the funds by initiating legal action against the PSP, but was advised that it was unlikely to recover the funds fully, which caused financial difficulties that made Gatecoin no longer able to support its operations.

As Cointelegraph has reported, Gatecoin was also struggling with banking issues in 2017, with some banks reportedly shutting down the accounts of the exchange without detailed explanation.

Back in 2015, Gatecoin had launched segregated client bank accounts, enabling two accounts within the same bank under Gatecoin’s name: one account was for collecting fees and operation expenses, while the other was used for storing client deposits, as well as processing withdrawals.

Founded in 2013, Gatecoin reportedly became the first crypto trading platform to list the Ethereum token in August 2015.

Another recently hacked crypto exchange, Cryptopia, has since partly relaunched its website, also announcing that it will be using customers’ balances held from the date of the hack as a basis for further calculating rebates.

Trezor Responds to Ledger Report on Vulnerabilities in Its Hardware Wallets

EU hardware wallet manufacturer Trezor has responded to a report from its competitor Ledger that described vulnerabilities in Trezor’s devices.

Prague-based crypto wallet manufacturer Trezor responded to a report about hardware vulnerabilities from its competitor Ledger on Tuesday, March 12.

Trezor claims that none of the weaknesses revealed by Ledger in a detailed report on March 10 are critical for hardware wallets. As per Trezor, none of them can be exploited remotely, as the attacks described require “physical access to the device, specialized equipment, time, and technical expertise.”

Trezor further cites the results of a recent security survey performed in partnership with major cryptocurrency exchange Binance. According to the survey, only around 6 percent of respondents believe that physical attack is the biggest threat to their crypto funds, while 66 percent claim they consider remote attacks a main problem.

Furthermore, Trezor noted that a “$5 wrench attack” — a targeted theft when the user is forced by intruders to disclose his password — cannot be prevented by a hardware barrier set by the manufacturer. Nonetheless, in the case of accidental thefts, the probability of cracking a Trezor wallet is relatively small, as the criminals will not be able to find the necessary equipment, the company states.

Of the five vulnerabilities in Trezor One and Trezor T disclosed by Ledger, Trezor said that four of them are patched, non-exploitable or require a pin. Trezor also noted that the manufacturing process for its devices is closely monitored.

Trezor’s response to the recent Ledger report on their wallet vulnerabilities. Source: blog.trezor.io

Ledger initially disclosed its findings during the #MITBitcoinExpo at the Massachusetts Institute of Technology this weekend. The company focused on hacking attacks that require access to the device. In particular, Ledger described an option to extract a secret key via a side-channel attack, and the possibility of stealing confidential data from the device.

Ledger Discloses Five Reported Vulnerabilities in Two Models of Trezor Hardware Wallets

Ledger’s Attack Lab has found five vulnerabilities in hardware wallets of its direct competitor Trezor.

Major hardware wallets manufacturer Ledger has unveiled vulnerabilities in its direct competitor Trezor’s devices, according to a report published on Monday, March 11.

As of press time, Trezor was not immediately available to comment on Ledger’s findings.

The study states that the vulnerabilities were found by Attack Lab, the company’s department that hacks into both its own and competitors’ devices to improve security. Ledger claims that it has repeatedly addressed Trezor about weaknesses in their Trezor One and Trezor T wallets, and has decided to make them public after the responsible disclosure period ended.

The first issue is related to the genuineness of the devices. According to the Ledger team, the Trezor device can be imitated by backdooring the device with malware and then re-sealing it in its box by faking a tamper-proof sticker, which is reportedly easy to remove. Ledger states that this vulnerability can only be tackled by overhauling the design of the Trezor wallets and, in particular, by replacing one of the core components with a Secure Element chip.

Secondly, Ledger hackers reportedly guessed the value of the PIN on a Trezor wallet using a side-channel attack and reported it to Trezor in late November 2018. The company later solved the issue in its firmware update 1.8.0.

The third and fourth vulnerabilities, which Ledger also offers to solve by replacing the core component with a Secure Element chip, consist of the possibility of stealing confidential data from the device. Ledger states that an attacker with physical access to Trezor One and Trezor T can extract all the data from the flash memory and gain control over the assets stored on the device.

The last weakness discovered is also related to Trezor’s security model: according to Ledger, the crypto library of the Trezor One does not contain proper countermeasures against hardware attacks. The team claims that a hacker with physical access to the device can extract the secret key via a side-channel attack, although Trezor has claimed that its wallets are resistant to it.

In November 2018, Trezor itself warned that an unknown third party was distributing one-to-one copies of its flagship Trezor One device. The fake wallets seemed to originate from China, and the company thus urged owners to buy wallets only from Trezor’s website.

However, in the recent report, Ledger claims that users cannot be sure even when they purchase hardware from the official Trezor website. The attacker could possibly buy several devices, backdoor them, and then send them back to the manufacturer asking for reimbursement. In case the compromised device is sold again, the user’s crypto funds can be stolen, Ledger concludes.

In November 2018, the research team behind the so-dubbed Wallet.fail hacking project demonstrated how they hacked the Trezor One, Ledger Nano S and Ledger Blue at the 35C3 Refreshing Memories conference. Both Trezor and Ledger then admitted to the found vulnerabilities — with Trezor noting that a firmware update would address them — but Ledger also added that they were not critical for its wallets.

UN Panel Says North Korea Obtained $670 Million in Crypto and Fiat via Hacking: Report

A U.N. Security Council report states that North Korean hackers obtained $670 million in crypto and foreign fiat from 2015 to 2018.

North Korea has reportedly amassed $670 million in fiat and cryptocurrencies by conducting hacking attacks, Asia-focused financial newspaper Nikkei Asian Review reports on Friday, March 8. The publication cites a U.N. Security Council report.

The report, prepared by a panel of experts, was presented to the Security Council’s North Korea sanctions committee ahead of its annual report. According to the documents obtained by Nikkei, the hackers attacked overseas financial institutions from 2015 to 2018 and purportedly used blockchain “to cover their tracks.”

As cited by Nikkei, the report states that the attacks were allegedly conducted by a specialized corps within the North Korean military, forming part of the country’s government policy. The experts believe that the corps is responsible for hacking Interpark, a South Korean e-commerce site, and luring $2.7 million in exchange for stolen data.

According to Nikkei, the experts came to the conclusion that virtual currencies helped North Korea to circumvent economic sanctions — as they are harder to trace and can be laundered multiple times — and obtain foreign currency. The authors of the report recommended that U.N. member nations share information on possible North Korean attacks with other governments to prevent them in the future.

Nikkei also alleges that blockchain has been previously used by a Hong Kong-based startup, Marine Chain, to circumvent sanctions against North Korea. As the newspaper writes, the company, which traded ships around the world via blockchain, was suspected of supplying cryptocurrencies to the North Korean government and shut down in September 2018.

As Cointelegraph previously reported, in 2018 a study revealed that hacker group “Lazarus,” reportedly funded by North Korea, has stolen $571 million from cryptocurrency exchanges since early 2017. Out of fourteen separate exchange breaches analyzed, five have been attributed to “Lazarus,” including the industry record-breaking $532 million NEM hack of Japan’s Coincheck in January, 2018.

Meanwhile, other countries sanctioned by the world community, such as Iran and Venezuela, also have reported seeing cryptocurrencies as an effective way to circumvent financial restrictions. For instance, four Iranian banks reportedly developed a gold-backed cryptocurrency called PayMon, and the country is allegedly negotiating with Switzerland, South Africa, France, the United Kingdom, Russia, Austria, Germany and Bosnia to carry out financial transactions in cryptocurrency.

Japan: Hacked IoT Devices and Cryptocurrency Networks Doubled in 2018

In Japan, the number of hacked IoT devices and cryptocurrency networks nearly doubled in 2018 when compared to the previous year.

In Japan, the number of hacked Internet of Things (IoT) devices and cryptocurrency networks nearly doubled in 2018 when compared to the previous year, English-language local media Asahi reported on March 7.

Per the report, the Japanese Police Agency data shows that an average of 2,752.8 intrusions per sensor per day were detected last year, up 45 percent from the previous year. Furthermore, the data also reportedly shows that almost all of the attacks came from overseas.

According to the article, if one considers only cryptocurrency networks and IoT devices, the data shows an average of 1,702.8 intrusions per sensor per day in 2018, which is about double the 875.9 reported in 2017. Seemingly, this isn’t part of a broader trend to attack all devices more, since the report notes:

“The number of intrusions of networks used for sending and receiving e-mail messages and browsing websites has remained at about the same level since 2016.”

The report also covers the location of the attackers, stating that 20.8 percent are located in Russia, 14.1 percent in China, 12.6 percent in the United States, 6 percent in the Netherlands and 5.1 percent in Ukraine. Attacks originating from inside Japan reportedly accounted only for 1.6 percent of the total.

As Cointelegraph reported in February, more than 7,000 cases of suspected money laundering tied to crypto were reported to Japanese police in 2018, a more than tenfold increase from the 669 cases over a nine-month period during the previous year.

Meanwhile, Cointelegraph reported that five Japanese banks have collaborated to launch a financial services infrastructure based on distributed ledger technology.

Ledger Client Address Issue and Fake Deposits: Community Spots Two Vulnerabilities Related to Monero

At least two separate bugs related to Monero have been detected.

This week, at least two separate bugs related to Monero (XMR) were reported by crypto community members. The first one allegedly led to a Ledger hardware wallet user losing around 1,680 XMR (nearly $80,000, as of press time) of his funds after making a transaction. The other vulnerability allowed hackers to make fake XMR deposits to cryptocurrency exchanges.

Anonymity above all: What is Monero and how it works

Monero is a cryptocurrency with an additional focus on anonymity. It was launched in April 2014, when Bitcointalk.org user thankful_for_today forked the codebase of Bytecoin into the name BitMonero. To create the new coin, he relied on the ideas that were first outlined in a 2013 white paper dubbed “Cryptonote” written by anonymous personality Nicolas van Saberhagen. Ironically, BitMonero was soon forked itself by open-source developers and named “Monero” (which means “coin” in Esperanto). It has remained an open-source project ever since.

Indeed, Monero has considerably more privacy features compared to conventional cryptocurrencies like Bitcoin (BTC): On top of being a decentralized coin, Monero is designed to be fully anonymous and virtually untraceable. Specifically, it is based on the CryptoNight proof-of-work (PoW) hash algorithm, which allows it to use “ring signatures” (which mix the spender’s address with a group of others, making it more difficult to trace transactions), “stealth addresses” (which are generated for each transaction and make it impossible to discover the actual destination of a transaction by anyone else other than the sender and the receiver), and “ring confidential transactions” (which hide the transferred amount).

In 2016, XMR experienced more growth in market capitalization and transaction volume than any other cryptocurrency, undergoing almost a 2,800 percent increase, as per CoinMarketCap.

Monero Charts

Notably, a lot of that gain could have come from the underground economy. Being an altcoin that is tailor-made for fully private transactions, Monero eventually became accepted as a form of currency on darknet markets like Alphabay and Oasis, according to Wired. Specifically, after being integrated on those trading platforms in the summer of 2016, Monero’s value “immediately increased around sixfold.”

“That uptick among people who really need to be private is interesting,” Riccardo “Fluffypony” Spagni, one of the Monero core developers, told Wired in January 2017.

“If it’s good enough for a drug dealer, it’s good enough for everyone else.”

Currently, XMR is the 13th-biggest cryptocurrency by market cap, with equivalent of over $800 million, according to CoinMarketCap data.

Monero’s alleged privacy remains a controversial topic, as some suggest that the coin is not, in fact, fully anonymous. In an interview with Bloomberg, United States Drug Enforcement Administration (DEA) Special Agent Lilita Infante noted that, although privacy-focused currencies are less liquid and more anonymous than BTC, the DEA “still has ways of tracking” altcoins such as Monero and Zcash. Infante concluded:

“The blockchain actually gives us a lot of tools to be able to identify people. I actually want them to keep using them [cryptocurrencies].”

Moreover, as previously reported by Cointelegraph, Monero has been endorsed as “The Official Currency of the Alt Right” by white supremacists like Christopher Cantwell for its focus on anonymity.

The privacy-focused nature of Monero has also driven compliance-oriented crypto exchanges to turn the coin down. For instance, in June 2018, Japan-based Coincheck delisted XMR and three other anonymity-focused altcoins to follow Counter-Terrorist Financing (CTF) and Anti-Money Laundering (AML) procedures issued by the local financial regulator.

Bug #1: change address bug with Ledger

Status: pending

On March 3, user MoneroDontCheeseMe started a Reddit thread, claiming that he or she believes to “have just lost ~1680 Monero [around $80,000] due to a bug” while using the Monero app with his or her Ledger hardware wallet.

According to the post, the user transferred about 0.000001 XMR from his or her wallet to a view-only wallet, sent another 10, 200 and then 141.9 XMR. Allegedly, before sending the last transaction, MoneroDontCheeseMe had about 1,690 XMR in the wallet and 141.95 XMR in an unlocked balance, which is why he or she decided to send 141.9 XMR. However, after the transaction had been sent, the user’s wallet is reportedly showing a balance of 0 XMR.

Furthermore, according to the Reddit user, the amounts sent and the transactions recorded on the blockchain “don’t line up.” MoneroDontCheeseMe wrote that the 200 XMR transaction actually deducted 1691.001 XMR from the Ledger Wallet, and also that the amounts reported for the 10 XMR transaction are incongruous. Monero core developer nicknamed binaryfate told Cointelegraph over email:

“My understanding is that the Ledger may have sent the ‘change’ amount to an erroneous one-time destination that the user did not control. For more details you should ask the Ledger team directly, they are working on it and already identified and fixed the bug as far as I know, so it should be pushed shortly.”

Initially, in the comments to the post, Nicolas Bacca, chief technical officer at Ledger, said that their app has been extensively tested, suggesting that it could be a synchronization issue.

However, several hours later, Ledger developers published a warning on the Monero subreddit, advising users not to use the Nano S Monero app because “it seems there is a bug with the change address.”

“The change seems to not be correctly sent. Do not use Ledger Nano S with client 0.14 until more information is provided.”

The official Monero Twitter account has since retweeted Ledger’s tweet containing a link to the warning.

Thus, according to Monero’s binaryfate, the Ledger team has prepared a patch to fix the issue, and is expected to release it in the near future. Cointelegraph reached out to MoneroDontCheeseMe to ask him or her whether this issue is being fixed by Monero or Ledger developers, but he or she appeared hesitant to answer straight away and requested more time.

Cointelegraph has also contacted Ledger developers for further comment, but they have not prepared any statement as of press time.

Bug #2: wallet bug enabling hackers to make fake deposits to crypto exchanges

Status: fixed

On March 3, the official account of the Ryo (RYO) cryptocurrency published a Medium post, highlighting a bug in the XMR wallet software that could allow for sending fake deposits to crypto exchanges.

According to the post, an email reportedly sent to the Monero Announce mailing list warned platforms using the coin that the Monero Vulnerability Response team received a disclosure concerning a vulnerability. The bug was reportedly related to coinbase transactions (the first transaction in a block, created by miners).

“This essentially means that the attacker can make it appear as if he deposited any sum of his choosing to an exchange,” the post read. The mentioned email also contained the patch preventing the vulnerability from being exploitable.

As binaryfate explained to Cointelegraph, first, somebody made a responsible disclosure following the Monero Vulnerability Response Process. Then, an email was sent to the Monero Announce mailing list “warning in advance that both a patch and details of the bug would be released together on the 6th of March.” After that, the Monero developer added that Ryo published details “right away”:

“Due to this article, the details had been made public and delaying would have caused unnecessary risk. Hence a patch was publicly merged on github, and a new version of Monero tagged right away.”

Indeed, a few hours later, the official Monero account tweeted that the fix for the vulnerability had been written and was awaiting review. As per the GitHub page dedicated to the patch, it appears that the code has been already merged with the main branch, which means that the fix is ready and only needs the new release to be published.

Ryo is a code fork of Monero, as per its website. According to the Medium entry, its team fixed the same vulnerability seven months ago. The post also notes that they avoided making a responsible disclosure to the Monero team earlier because of Monero’s “long history of toxic behaviour towards security researchers.”

Furthermore, the post also claims that when discussing the exploit in the Ryo public channel, the author of the post accidentally disclosed another vulnerability, concluding that “Monero might want to get that one patched too.” When asked whether they knew anything about such a bug, the Monero representative answered by saying “you would have to ask the author of the article.” Ryo has not returned Cointelegraph’s request for comment as of press time.

Previous Monero bugs and cryptojacking problems

Monero, being an open-source project, tends to collaborate with its community members to tackle security breaches. Thus, in September 2018, Monero developers successfully eliminated at least two bugs that were reported on its subreddit page.

First, there was a burning bug, which Monero promptly fixed, notifying “as many exchanges, services and merchants as possible,” to apply the new patch. Secondly, the XMR community reported that the Mega Chrome extension was compromised, leading to its quick removal from the Chrome webstore.

Further, Monero’s privacy features have made it popular among cryptojackers. Thus, last year, more than 526,000 computers were reportedly infected with a cryptocurrency botnet malware called Smominru, which allowed hackers to mine more than $2 million worth of XMR.

In February 2019, tech corporation Microsoft removed eight Windows 10 applications from its official app store after cybersecurity firm Symantec identified the presence of hidden XMR coin mining code. The firm’s analysis identified the strain of mining malware enclosed in the apps as being the web browser-based Coinhive XMR mining code. Later that month, Coinhive announced it will stop all its operations on March 8, saying that the project is not “economically viable anymore.”