“A critical bug in the wallet software, of which the severity was initially significantly underestimated, allowed an attacker to steal funds from organizations present in the Monero ecosystem.”
The bug was first exploited in July, leading exchanges to suspend their services:
Every CryptoNote based coin is currently under maintenance while we wait on the coin developers to update/fix their wallet because of the recent bug discovered.
— Altex.exchange (@Altex_exchangeR) July 6, 2018
Monero did not reveal how much crypto may have been stolen, although some exchanges have reported losses in the past. AltEx has said that the “bug caused a big loss in coins for the exchange.”
How Did It Work?
The bug existed in two forms. In its most common form, the bug essentially allowed attackers to include a transaction public key multiple times in a transaction. The recipient’s wallet would then show that it had received more XMR than it had actually received. However, the wallet balance would reflect the actual amount of XMR that had been moved.
According to Monero’s announcement, “this variant of the bug was fairly trivial to exploit.” Attackers simply had to append a few lines of code, and as long as the targets did not notice, this attack could be repeated indefinitely.
The second variant of the bug involved dummy transaction public keys. Attackers could misuse these keys to trick the wallet into misrepresenting the transaction, which would similarly lead a wallet to report a larger transaction than had actually been performed.
The bugs were patched in v0.12.3.0 of the Monero software, which was released on July 12th. The Monero team also attempted to privately notify some services, vendors, and exchanges of the issue.
However, the Monero team could not contact every service. The team may improve the warning process in the future with a private mailing list that only approved services can subscribe to:
“Some kind of verification of subscribers would be required … it would probably be more secure than a public mailing list to which a clever attacker would undoubtedly subscribe.”
Monero’s announcement also reminds organizations that cryptocurrency is a new technology, and that “sanity checks” are important—that is, transaction amounts should always be checked against balances. Monero developers are considering adding a sanity check feature to the Monero software.
The Bigger Picture
Monero is prominent in crypto-related crime because it keeps transaction data private. Whereas Bitcoin transactions are public and can sometimes be traced, Monero gives cybercriminals a better chance of escaping justice.
However, thefts due to this bug may have been a crime of opportunity rather than a desire to make use of Monero in particular. Bugs are unfortunately common to all cryptocurrencies and are frequently exploited.