
Official Monero website is hacked to deliver currency-stealing malware, Ars Technica



NOW YOU SEE IT …

             

GetMonero.com delivers Linux and Windows binaries that steal users’ funds.

      


The official site for the Monero digital coin was hacked to deliver currency-stealing malware to users who were downloading wallet software, officials with GetMonero.com said on Tuesday.

The supply-chain attack came to light on Monday when a site user reported that the cryptographic hash for a command-line interface wallet downloaded from the site didn’t match the hash listed on the page. Over the next several hours, users discovered that the mismatching hash wasn’t the result of an error. Instead, it was an attack designed to infect GetMonero users with malware. Site officials later confirmed that finding.

“It’s strongly recommended to anyone who downloaded the CLI wallet from this website between Monday 18th 2:30 AM UTC and 4:30 PM UTC, to check the hashes of their binaries,” GetMonero officials wrote. “If they don’t match the official ones, delete the files and download them again. Do not run the compromised binaries for any reason.”

An analysis of the malicious Linux binary found that it added a few new functions to the legitimate one. One of the functions was called after a user opened or created a new wallet. It sent the wallet seed, which is the cryptographic secret used to access wallet funds, to a server located at node.hashmonero[.]com. The malware then sent wallet funds to the servers located at node.xmrsupport[.]co and 9. 148 [.] 65.

A malicious Windows version of the CLI wallet carried out an almost identical attack sequence.

At least one person participating in a Reddit forum claimed to have lost digital coins after installing the malicious Linux binary.

“Roughly 9 hours after I ran the binary a single transaction drained my wallet of all $7000,” the person wrote. “I downloaded the build yesterday around 6pm Pacific time.”

The user said at the time that it wasn’t clear if the malware carried out other nefarious actions on the computer itself. The person made a copy of the malware available for download so that researchers can analyze the code. Under no circumstances should people run this binary on anything other than a test machine that has no access to cryptocurrency wallets.

GetMonero’s advisory didn’t say how the site was compromised or if the vulnerabilities that led to the hack had been fixed. Users should stay apprised of this breach in the coming days.

In the meantime, people who want to verify the authenticity of their Monero CLI software can check here for Windows or here for more advanced users of Windows, Linux, or macOS.

The incident is a graphic reminder of why it’s crucial to verify checksums before installing software. The links in the paragraph above this one explain how to do that.
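The hash check described above can be scripted. The following is an added example, not code from the article or from GetMonero: it hashes a downloaded file and compares the result with a published hash list. The `<sha256>  <filename>` list layout and the file name in the demo are assumptions, and the sample data is constructed.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path

# Assumed list layout: "<64 hex chars>  <filename>" per line (what sha256sum
# prints). Any other line, such as a comment or signature armor, is ignored.
HASH_LINE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(\S+)$")

def parse_hash_list(text):
    """Return {filename: lowercase SHA-256 hex} from a published hash list."""
    published = {}
    for line in text.splitlines():
        m = HASH_LINE.match(line.strip())
        if not m:
            continue
        digest, name = m.group(1).lower(), m.group(2)
        if published.setdefault(name, digest) != digest:
            raise ValueError(f"conflicting digests listed for {name}")
    return published

def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so large binaries are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_download(path, hash_list_text):
    """Return (ok, reason); ok is True only if the digest matches the list."""
    expected = parse_hash_list(hash_list_text).get(Path(path).name)
    if expected is None:
        return False, "file name is not in the published list"
    actual = sha256_file(path)
    if not hmac.compare_digest(actual, expected):
        return False, f"hash mismatch: expected {expected}, got {actual}"
    return True, "hash matches the published list"

if __name__ == "__main__":
    # Constructed demo: a stand-in "download" and a list that names it.
    with tempfile.TemporaryDirectory() as d:
        f = Path(d) / "wallet-cli-example.tar.bz2"  # hypothetical file name
        f.write_bytes(b"original release bytes")
        listing = f"{sha256_file(f)}  {f.name}\n"
        print(verify_download(f, listing))  # file is unchanged since listing
        f.write_bytes(b"original release bytes + extra functions")
        print(verify_download(f, listing))  # file no longer matches the list
```

A match shows only that the file agrees with the list, so the list has to come from a source that someone controlling the download could not also change.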

                                 

                  
