The day before yesterday, November 18, the official website of the Monero cryptocurrency was breached by hackers, who used it to distribute a malware-infected file that steals money from account holders.
The breach was detected by a Monero user, who reported the issue on GitHub. Following the report, the Monero team confirmed the incident in a tweet.
The user discovered something was wrong when downloading a 64-bit Linux binary from the Linux command line.
After downloading the installer from the official website, he noticed that the SHA256 hash of the downloaded file did not match the SHA256 hash listed on the site. He therefore realized that the file had been modified.
The Monero team investigates the case
The team urges all users who downloaded the CLI wallet on Monday to check the hashes of their binaries. If the hashes do not match those listed on the site, they should delete the files and download them again. "Don't run the broken binaries for any reason," the Monero team said.
After the breach was discovered, the team removed the malicious file. However, one user stated that he lost his cryptocurrencies.
“I can confirm that the malicious binary steals cryptocurrencies. About 9 hours after the binary was executed, there was a transaction that emptied my wallet,” the user said. According to his post, he lost 7,000 dollars in Monero.
The Monero team is still investigating the case to find out how the hackers managed to breach the download server. At this time, there is no risk; however, users should always check the hashes.
Apart from the user who publicly reported losing Monero after downloading the malicious file, no other cases have been reported. However, other users may have been affected.
The breach taught us a good lesson and showed that a simple hash verification can be a lifesaver. All users should perform these checks.
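The hash check that exposed the modified file, and that the Monero team asks all users to run, written out as an added example (not part of the original article and not the Monero project's own tooling). It looks up a file's published SHA256 in a hash list and compares it with the hash computed locally; the list format (coreutils sha256sum output) and the file names are assumptions.

```bash
# Added example. Assumed list format (coreutils sha256sum output):
#   <64 hex chars>  <file name>

# Print the published hash for a file name; exit status 1 if it is not listed.
expected_hash() {   # usage: expected_hash <hash_list> <file_name>
    awk -v name="$2" '
        { h = tolower($1) }
        length(h) == 64 && h ~ /^[0-9a-f]+$/ && ($2 == name || $2 == ("*" name)) {
            print h; found = 1; exit }
        END { exit !found }' "$1"
}

# 0 = hash matches, 1 = mismatch, 2 = file or list entry missing.
verify_download() {   # usage: verify_download <file> <hash_list>
    local file="$1" list="$2" name want got
    name=$(basename "$file")
    [ -f "$file" ] || { echo "ERROR: $file not found" >&2; return 2; }
    want=$(expected_hash "$list" "$name") || {
        echo "ERROR: no entry for $name in $list" >&2; return 2; }
    got=$(sha256sum "$file" | awk '{ print $1 }')
    if [ "$got" = "$want" ]; then
        echo "OK: $name matches the published hash"
        return 0
    fi
    echo "MISMATCH: $name" >&2
    echo "  published: $want" >&2
    echo "  computed:  $got" >&2
    echo "Delete the file and download it again; do not run it." >&2
    return 1
}

# Constructed demo: a stand-in download (hypothetical name) and its hash list.
demo() {
    local dir
    dir=$(mktemp -d)
    printf 'constructed sample payload\n' > "$dir/wallet-cli.tar.bz2"
    (cd "$dir" && sha256sum wallet-cli.tar.bz2 > hashes.txt)
    verify_download "$dir/wallet-cli.tar.bz2" "$dir/hashes.txt"
    # Change the file after the list was published: the check must now fail.
    printf 'extra bytes\n' >> "$dir/wallet-cli.tar.bz2"
    verify_download "$dir/wallet-cli.tar.bz2" "$dir/hashes.txt" ||
        echo "verify_download exit status: $?"
    rm -rf "$dir"
}
demo
```

The check is only as trustworthy as the hash list it compares against, so obtain the list over a separate channel from the download itself where possible.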