Developers of the Montero crypto currency have eliminated a bug that could allow intruders to "burn" funds in organizations' wallets, while sacrificing only a modest amount in the form of transaction commissions. This is reported in the official announcement of the project.
Identify the bug allowed a scenario of a hypothetical attack, described by one of the participants in the sabreddita Monero.
What happens if I spend from a specific stealth address and then someone sends more to it? Image has already been used? from r / Monero
"The attack organizer generates a random private transactional key and changes the code to use only this key. This ensures that it sends multiple transactions to one stealth address. Then he sends, for example, a thousand transactions of 1 XMR per stock exchange. Since the purse of the exchange is not warned about such non-standard behavior (funds are accepted for one stealth-address), the exchange, as usual, will enroll 1,000 XMR. "
Monero developers note that this method does not allow the attack organizer to directly receive the XMR coins deposited in this way. However, an attacker can bring XMR through bitcoins, and the exchange will remain with 999 non-consumable or "burned" outputs from 1 XMR.
The created fix was privately distributed to exchanges and large merchants, so as not to attract unnecessary attention to the time of elimination of problems. According to the developers, to perform real attacks, the exploit was not used.
Recall, in early August, because of the critical bug in the code Monero, which allows you to manipulate the amount of transactions, crypto-Livecoin suffered losses exceeding $ 1.8 million .
Subscribe to BlockchainJournal news in Telegram: BlockchainJournal Live – all news feed, BlockchainJournal – the most important news and polls.
TOP 10 CRYPTOCURRENCY
|#||Name||Price||Market Cap||Change||Price Graph (24h)|