A recently discovered bug allowed bad actors to trick and exploit cryptocurrency exchanges by sending multiple payments to the same stealth address.
Monero Bug Allows Hackers to Steal from Crypto Exchanges
Monero (XMR) is known as a coin that provides its users with increased levels of privacy and anonymity. Because of this, it has always accused of being the favorite coin for hackers and other cybercriminals. However, recently, a bug was discovered in its code, and experts claim that it has a potential to allow bad actors to steal funds from crypto exchanges.
The bug in question allows users to “burn” Monero tokens on purpose, which is why it was described as “a burning bug.” It can do this by sending several payments to a stealth address. According to reports, after the payment was sent, the recipient would be free to spend it as per their desire. However, they would only be capable of spending one output, while the additional transactions would become unspendable.
Monero developers themselves explained the situation in their own blog post. In it, they explain that the wallets used by exchanges do not cover this abnormality. As such, they do not report it, and the exchange would not notice that something is not right.
Instead, they would credit the hacker with a requested amount, and the hacker would likely exchange XMR for Bitcoin, which would then be withdrawn. After the transactions are over, the exchange would have only 1 XMR that they can actually spend, while the rest would be unusable.
What Will Happen to Monero?
While the vulnerability was patched quickly, and exchanges should be capable of resisting this form of an attack, this is not the last of Monero’s troubles. The existence of a bug is always an issue, and when such a big vulnerability remains undetected for so long, the long-term damage to the coin is nearly unavoidable.
A number of exchanges stopped XMR trading when the news of the bug reached the media. This includes exchanges like Poloniex, Cryptopia, and Bittrex. While some of these exchanges have decided that Monero is often safe to trade, a lot of bigger exchanges will not be so easy to persuade. The larger the exchange in question is, the bigger the are risks that it has to consider and deal with.
Bittrex, for example, took Bitcoin Gold off its list after a recent hack. The exchange has also delisted numerous other coins in the past. Additionally, Monero already has a bad reputation due to the fact that hackers prefer it over other coins. While there were those willing to overlook this fact, the news of the bug in addition to everything else did not fix things for this coin. If all the coin can hope for is bad press, then it likely will not get much appreciation in the near future.
Featured image from Shutterstock.