Monero developers revealed nine security flaws and one of them was potentially very scary, leading to a massive theft threat. More about the discovery, we read in the coming altcoin news below.
According to the Monero developers report, the two critical bugs discovered:
“By mining a specially crafted block, that still passes daemon verification an attacker can create a miner transaction that appears to the wallet to include sum of XMR picked by the attacker. It is our belief that this can be exploited to steal money from exchanges,” a developer with the pseudoname “cutcoin”
The developers also discovered five DoS attack vectors which were labeled as critical issues. Another security flaw discovered was concerning CryptoNote which is an application layer that is used in the entire ecosystem of the cryptocurrency in order to increase the privacy of the transactions. The hackers managed to exploit the bug by taking the Monero nodes down using a method that includes the malicious request of massive amounts of the Blockchain data from the entire network:
“If you have quite a big blockchain (with long history like Monero […]), then you can push a protocol request that will call all of its blocks from another node, which could be hundreds of thousands of blocks. Preparing such a response can take a lot of resources. Eventually, the OS might kill it due to the huge memory consumptions, which is typical of Linux systems.’’
According to the developer Sabelnikov, some of the other crypto projects who are using the CryptoNote application could be affected by the security flaws. Another issue that the Monero developers found was the leaking of uninitialized memory. According to the reports that we have in the latest cryptocurrency news, uninitialized memory is basically never uninitialized. Therefore, there is tons of sensitive data such as cryptographic and private information. The reports also show that the majority of the flaws were from four months ago before they discovered another eight vulnerabilities patched in the meantime.
Two of the nine flaws were labeled as critical by the developers so it should be noted that all of them are ‘’proof of concepts’’ and there is no sign that anyone has managed to exploit the said bugs. The Monero developers also successfully patched a bug last year that could have turned into a huge risk of the cryptocurrency.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at editor@dcforecasts.com
Discussion about this post