Technologies

Unknowns built the virus into the Monero cryptocurrency site. It is popular with hacker embedders.

Before that, Monero scripts for mining were embedded in other sites, and now hackers have sunk deeper.

Unknowns hacked into the Monero cryptocurrency site and replaced the Linux version of the CLI wallet with a virus. The modified program stole cryptographic keys for accessing the wallet and passed them to attackers. This was reported by the ZDNet website.

The substitution was accidentally discovered by a GitHub user who downloaded the 64-bit version of the Linux wallet and noticed that the SHA256 hash of the file did not match the data on the Monero website.

Monero confirmed the hacking of the site and announced the beginning of the investigation. Representatives of the cryptocurrency called on everyone who downloaded the wallet on November 18 to check the hash amounts of the files and make sure that they match the data on the official website. In case of mismatch, it was recommended to remove the wallet and reinstall it.

Apparently, users did not have time to massively suffer from intruders. However, at least one wallet owner told about the loss of 7 thousand dollars in virtual currency.

A malicious version of the wallet has been published online for researchers. As an analysis of experts showed , the program was changed so that it sends encryption keys to attackers when creating or opening a wallet

The Monero cryptocurrency became popular with hackers for hidden coin mining in 2017, when the JavaScript miner CoinHive was released for it . Attackers took advantage of the fact that it runs on processor resources and can easily be embedded on any site without the knowledge of users. Since then, the Monero miner has been embedded in YouTube advertising banners , The Pirate Bay torrent tracker , a free calendar from the App Store for Mac, as well as government agencies sites .

Tags
Back to top button
Close
Close