A hack on privacy coin Monero’s official website yesterday let users download a malicious version of one of its wallets.
“The Monero website is a common target for attack, and this is the first time that it was compromised,” Justin Ehrenhofer, Organizer of Monero’s Malware Response Workgroup, told Decrypt.
Monero’s Ehrenhofer said that volunteer security researchers have found code that sends the Monero mnemonic seed, which contains private keys, to the hacker’s server. The hacker could then use this information to drain funds from victims’ wallets.
In addition, researchers have found suspicious activity related to remote access, which Ehrenhofer says “indicates that the attacker may have accessed the filesystem and the ability to perform other actions.”
Monero said that the issue lasted 35 minutes—“a likely estimate of the total time it was compromised within this window based on user feedback and some initial results,” said Ehrenhofer.
Monero advised potentially compromised users—those who downloaded the command-line-interface wallet between 2:30 AM UTC and 4:30 PM UTC yesterday and whose binary hashes don’t match the official ones—to transfer funds out of all wallets opened with it to a safe version of the Monero wallet.
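The check Monero asked users to perform is a comparison of the downloaded binary's digest against the officially published hash list. The script below is an added example, not code from the article or from the Monero project: it parses a sha256sum-style list (`<hex digest>  <filename>`), streams each downloaded file through SHA-256, and reports OK, MISMATCH, or UNLISTED per file. The file names, file contents, and the "published" hash list are all constructed here for the demonstration; real digests come only from the official source.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

# Constructed sample bytes standing in for a genuine and a modified wallet archive.
GOOD_BYTES = b"constructed stand-in for the genuine wallet archive\n"
TAMPERED_BYTES = b"constructed stand-in for a modified wallet archive\n"

# Constructed stand-in for the published hashes file. In practice this text is
# obtained out of band (e.g. from the project's signed release announcement),
# not from the same download location as the binary.
PUBLISHED_HASHES = (
    "# constructed example list, sha256sum format\n"
    f"{hashlib.sha256(GOOD_BYTES).hexdigest()}  monero-cli.tar.bz2\n"
    f"{hashlib.sha256(GOOD_BYTES).hexdigest()} *monero-gui.tar.bz2\n"
)


def sha256_of_file(path):
    """Hash the file in 1 MiB chunks so large archives need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_hash_list(text):
    """Parse sha256sum-style lines into {filename: lowercase hex digest}.

    Blank lines and '#' comments are skipped; a leading '*' on the filename
    (sha256sum's binary-mode marker) is dropped; malformed digests are rejected.
    """
    expected = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.strip().lstrip("*")
        if len(digest) != 64 or any(c not in "0123456789abcdefABCDEF" for c in digest):
            raise ValueError(f"malformed digest on line: {line!r}")
        expected[name] = digest.lower()
    return expected


def verify_download(path, expected):
    """Return 'OK', 'MISMATCH', or 'UNLISTED' for one downloaded file."""
    name = Path(path).name
    if name not in expected:
        return "UNLISTED"
    actual = sha256_of_file(path)
    # compare_digest avoids short-circuit comparison; a good habit for any digest check.
    return "OK" if hmac.compare_digest(actual, expected[name]) else "MISMATCH"


def verify_directory(download_dir, hash_list_text):
    """Check every file in download_dir against the parsed hash list."""
    expected = parse_hash_list(hash_list_text)
    return {p.name: verify_download(p, expected) for p in sorted(Path(download_dir).iterdir())}


def demo():
    """Build a constructed download folder: one tampered, one genuine, one unlisted file."""
    with tempfile.TemporaryDirectory() as d:
        (Path(d) / "monero-cli.tar.bz2").write_bytes(TAMPERED_BYTES)
        (Path(d) / "monero-gui.tar.bz2").write_bytes(GOOD_BYTES)
        (Path(d) / "unknown.bin").write_bytes(b"not in the published list\n")
        return verify_directory(d, PUBLISHED_HASHES)


if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{status:9} {name}")
```

A MISMATCH is the signal the article describes: the archive differs from what the project published, and funds in any wallet opened with it should be moved using a verified build. An UNLISTED result means the list does not cover that file name at all, which is not a pass.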
Downloads now come from a safe, fallback source, Monero said.
In an interview with Decrypt, Dark.Fail—a pseudonymous cybersecurity researcher and the owner of a site that tracks how long sites hosted on Tor stay online—said that users with compromised wallets face further risks, including having their IP addresses de-anonymized, their keystrokes logged by attackers, or their computers infected further.
Dark.Fail said Monero should have come clean about the hack sooner: “They did not post any warnings to their website [until 14 hours after announcing the breach on Reddit], the very place this malware was distributed. They chose instead to announce this breach to the small subset of their users that happen to follow them on Reddit, or on Twitter.”
“If an official website says download something, people will download it. Arguing that people should check hashes or compile their own code, while technically true, completely alienates non-technical users,” they added.
Ehrenhofer said that Monero’s notifications reached hundreds of thousands through social media, but admitted “we should have immediately started working on a notification on the main website, and we should have sent an email to the Monero-announce mailing list.”
Still, Dark.Fail said too many questions remain: “How did this happen? What access controls are in place? Who has access to Monero's servers? How hard is it to upload a malicious executable in place of the official one?”
Ehrenhofer said the box running the server was locked down with industry-leading file integrity monitoring and that when researchers complete their audit, answers will be forthcoming. Monero has organized a meeting on Friday to discuss how to handle future emergencies. It will no doubt be a busy one.