Digital forensics specialists report that the official website of Monero, one of the most popular cryptocurrencies, was compromised and hosted a malware-infected file capable of extracting funds from account holders.
Apparently it all started on November 18, when a user found the
infected file and reported the problem to GitHub.
Hours later, the Monero team confirmed that it was a hacking incident.
The user downloaded a 64-bit Linux binary to
work with Monero from the Linux command-line interface; after downloading the
installer from the official website, the user noticed that the SHA256 hash did
not match the one listed on the website, a clear indication that the file had
been compromised, as mentioned by digital forensics experts.
On its official sites, the Monero development team
stated: “It is recommended to all users who downloaded the CLI online
wallet from our website between 2:30 AM and 4:30 PM on Monday, November 18, to
verify the hashes of their binaries. If they do not match those shown on the
official website, delete and download them again. Under no circumstances run
the compromised binaries.”
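
The hash check that exposed the tampered binary, as an added example (not Monero's tooling or code from the original report): it parses a published hash list, hashes the download and flags anything that does not match. The file name, contents and hash list are constructed, and the `sha256sum`-style list layout is an assumption.

```python
import hashlib
import hmac
import os
import re
import tempfile

# "<64 hex chars>  <filename>", the layout sha256sum-style hash lists use (assumed here).
HASH_LINE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(\S+)$")

def parse_hash_list(text):
    """Return {filename: lowercase sha256 hex}; comments and other lines are skipped."""
    entries = {}
    for line in text.splitlines():
        m = HASH_LINE.match(line.strip())
        if m:
            entries[m.group(2)] = m.group(1).lower()
    return entries

def sha256_file(path, chunk=1 << 20):
    """Hash the file in chunks so large archives are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_download(path, hash_list_text):
    """Return 'ok', 'mismatch' (do not run the file) or 'unlisted' (no published hash)."""
    expected = parse_hash_list(hash_list_text).get(os.path.basename(path))
    if expected is None:
        return "unlisted"
    return "ok" if hmac.compare_digest(sha256_file(path), expected) else "mismatch"

def demo():
    """Constructed data: file name, contents and hash list are made up for this example."""
    original = b"constructed release archive bytes"
    published = "# constructed list\n%s  example-cli.tar.bz2\n" % hashlib.sha256(original).hexdigest()
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "example-cli.tar.bz2")
        with open(path, "wb") as f:
            f.write(original)
        results = [verify_download(path, published)]       # untouched download
        with open(path, "ab") as f:
            f.write(b"\x00swapped on the server")
        results.append(verify_download(path, published))   # altered binary
        results.append(verify_download(os.path.join(d, "other.bin"), published))
        return results

if __name__ == "__main__":
    print(demo())
```

The result is only as trustworthy as the hash list, so obtain the list separately from the binary it describes.
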
Monero managers claim that the compromised file
has already been removed from the platform; however, damage could not be
avoided altogether, as a user has already reported the loss of their assets due
to this malware. Through Reddit, an unidentified user posted: “I can
confirm that this binary is stealing cryptocurrency; about nine hours after I
ran the binary the $7k USD of my account disappeared with a single transaction”.
Monero apparently continues to investigate how
hackers managed to inject this malware into its download site; at the moment,
Monero tools are being distributed through an alternative method, so
users should have no problems downloading any of these resources.
It is not yet known whether other users have
suffered asset loss, although digital forensics specialists from the
International Institute Cyber Security (IICS) highlight the importance of the
user report that detected the anomaly, because a routine act of
scrutiny was able to save perhaps thousands of dollars.