Unknowns hacked into the Monero cryptocurrency site and replaced the Linux version of the CLI wallet with a virus. The modified program stole cryptographic keys for accessing the wallet and passed them to attackers. This was reported by the ZDNet website.
The substitution was accidentally discovered by a GitHub user who downloaded the 64-bit version of the Linux wallet and noticed that the SHA256 hash of the file did not match the data on the Monero website.
Monero confirmed the hacking of the site and announced the beginning of the investigation. Representatives of the cryptocurrency called on everyone who downloaded the wallet on November 18 to check the hash amounts of the files and make sure that they match the data on the official website. In case of mismatch, it was recommended to remove the wallet and reinstall it.
Apparently, users did not have time to massively suffer from intruders. However, at least one wallet owner told about the loss of 7 thousand dollars in virtual currency.
A malicious version of the wallet has been published online for researchers. As an analysis of experts showed , the program was changed so that it sends encryption keys to attackers when creating or opening a wallet