Privacy coin Monero’s command line interface (CLI) binaries on ‘getmonero.org’ have been compromised as part of a malicious attack.
‘Binaries’ is a term used by the coding community to refer to a source of compiled code which allows a program to be installed without the need to create an executable program to run the source code.
Downloading binaries is commonplace in the open source software space. On getmonero.org, binaries are available for Windows, Mac, Linux, and FreeBSD operating systems.
A recent post on Reddit by Monero core team member binaryFate reads:
“Security Warning: CLI binaries available on getmonero.org may have been compromised at some point during the last 24h.”
The attack, which was revealed by members of the Monero community in mere minutes, was designed to serve infected builds of Monero’s binaries. Users identified that the ‘hash’ associated with the downloaded programs did not match the expected hash on the official Monero GitHub.
The compromised section of the website was thought to have been serving infected builds for a total of 35 minutes.
Commenting on the thread, one user who analysed the infected build claimed it was just a “simple coin-stealer” attack and it wasn’t designed to alter system files.
Despite this, users have been warned that any binaries they downloaded in the last 24 hours must be checked for integrity.
Lead maintainer of the Monero project Riccardo Spagni, also known on Reddit as ‘Fluffypony’, published a series of digital signatures which all downloadable programs from the getmonero.org site should feature.
Users are urged to confirm that the hash of their downloaded programs matches Spagni’s official Monero hashes.
If users have already run the downloaded software, the warning states that they must immediately transfer out any funds into a safe wallet.
Reddit user ‘ryannathans’ highlighted that whilst tech-savvy users were able to identify and take steps to avoid the malicious software, regular users would benefit from self-updating software to automatically catch such attacks.
It’s currently unknown who perpetrated the attack or how many users have downloaded the malicious software.
The investigation is ongoing, with members of the Monero community running tests on the malicious binaries in an attempt to find out how they operate.
You can learn more about the popular privacy coin Monero here.
Singapore, Singapore, 19th September 2024, Chainwire
Grand Cayman, Cayman Islands, 12th September 2024, Chainwire
Warsaw, Poland, 20th August 2024, Chainwire
Singapore, Singapore, 20th August 2024, Chainwire
Grand Cayman, Cayman Islands, 26th July 2024, Chainwire
As usual, the crypto market is keeping everyone guessing what could happen next. After an…