Monero (XMR) Price Analysis: Did XMR Drip After Wallet Exploit?

/in


Table of Contents

The Monero community wallet was hit by a major exploit, resulting in the loss of its entire balance of 2,675.73 Monero (XMR), worth almost $460,000. The cause and source of the exploit are currently unidentified. 

The attacker reset the balance of the community wallet in nine separate transactions. 

Late Disclosure By Monero 

According to reports, the hack in question took place on the 1st of September. However, it was disclosed on GitHub after two months, on the 2nd of November, 2023, by Monero developer Luigi, who stated that the community wallet had been completely emptied. The developer also stated that the source of the breach was yet to be identified. 

“The CCS Wallet was drained of 2,675.73 XMR (the entire balance) on the 1st of September, 2023, just before midnight. The hot wallet, used for payments to contributors, is untouched; its balance is ~244 XMR. We have thus far not been able to ascertain the source of the breach.”

However, cybersecurity firm SlowMist stated that it was unlikely the hack was a result of a loophole in the Monero privacy model. Moonstone Research was investigating how the attacker moved the stolen funds. Their analysis revealed some interesting results, and they were able to trace three of the hacker’s transfers.

Monero’s Community Crowdfunding system funds development proposals from members. Monero developer Ricardo’ Fluffypony’ Spagni, the only other individual with access to the wallet seed phrase, noted, 

“This attack is unconscionable, as they’ve taken funds that a contributor might be relying on to pay their rent or buy food.”

According to Luigi, the CSS wallet was set up on an Ubuntu system in 2020, along with a Monero node. 

Details Of The Hack 

Luigi used a hot wallet to make payments to community members. This wallet has been on a Windows 10 Pro desktop since 2017. The hot wallet was funded by the CSS wallet as and when needed. However, on the 1st of September, the CSS wallet was wiped clean in nine transactions. Following the incident, the Monero core team is calling for the General Fund to cover current liabilities. Spagni noted in the GitHub thread, 

“It’s entirely possible that…

Source…