User discovered something was wrong when downloading an 64-bit Linux binary from the command line interface Linux.
After downloading the installer from the official website, noticed that the SHA256 hash for the downloaded file did not match the SHA256 hash listed on the site. So he realized that the file had been modified.
Team M.onero investigates the case
The team urges all users who downloaded the CLI wallet on Monday to check the hashes of their binaries. If they notice that they are not the same as the hashes on the site, they should delete the files and download them again. "Don't run the broken binaries for any reason," the Monero team said.
After the breach was discovered, the team removed it malicious file. However, one user stated that he lost his cryptocurrencies.
“I can confirm that the malicious binary steals cryptocurrencies. About 9 hours after the binary was executed, there was a transaction that emptied my wallet, ”the user said. According to his post, Monero lost 7,000 dollars.
Apart from the user, who publicly reported losing Monero after downloading the malicious file, no other violations have been reported. However, others may have been affected users.
Η infringement she gave us a good lesson and showed that a simple verification of hashes can be salvageable. All users should do these checks.