Digital forensics specialists report that the official website of Monero, one of the most popular cryptocurrencies, was compromised due to the presence of a malware-infected file capable of extracting funds from account holders.
Apparently it all started on November 18, when a user found the infected file and reported the problem to GitHub. Hours later, Monero team confirmed that it was a hacking incident.
The user downloaded a 64-bit Linux binary to work with Monero from the Linux command-line interface; after downloading the installer from the official website, the user noticed that the SHA256 hash did not match the one listed on the website, a clear indication that the file had been compromised, as mention by digital forensics experts.
On their official sites, Monero developing team mentioned: “It is recommended to all users who downloaded the CLI online wallet from our website between 2:30 AM and 4:30 PM on Monday, November 18, to verify the hashes of their binaries. If they do not match those shown on the official website, delete and download them again. Under no circumstances run the compromised binaries.”
Monero managers claim that the compromised file has already been removed from the platform; however, damage could not be avoided altogether, as a user has already reported the loss of their assets due to this malware. Through Reddit, an unidentified user posted: “I can confirm that this binary is stealing cryptocurrency; about nine hours after I ran the binary the $7k USD of my account disappeared with a single transaction”.
Monero apparently continues to investigate how hackers managed to inject this malware into its download site; at the moment, downloading any Monero tool is being done through an alternative method, so users should have no problems downloading any of these resources.
It is not yet known whether other users have suffered asset loss, although digital forensics specialists from the International Institute Cyber Security (IICS) highlight the importance of the user report that detected the anomaly, because, from a work of routine scrutiny, was able to save perhaps thousands of dollars.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.