Thursday, April 15, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Official Monero website compromised with malware that steals funds

November 20, 2019
in Internet Security
Official Monero website compromised with malware that steals funds
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Compromised Monero file, highlighted in red

You might also like

Microsoft Defender for Endpoint now protects unmanaged BYO devices

Cyber criminals are installing cryptojacking malware on unpatched Microsoft Exchange servers

ASIO boss says he’s not concerned with Australian Parliament’s March outage


Image: ZDNet

The official website of the Monero cryptocurrency has been compromised to deliver a malware-infected file that steals funds from account owners.

The compromise happened yesterday, November 18. A user spotted the compromised filed and reported the issue on GitHub, with the Monero team confirming the hack in a tweet earlier today.

The hack was discovered after the user downloaded a 64-bit Linux binary for working with Monero cryptocurrency from the Linux command-line interface.

After downloading the installer from the official website, the user noticed that the SHA256 hash for the downloaded file did not match the SHA256 hash listed on the official site — meaning that the file had been altered.

Monero team confirms hack, still investigating

“It appears the box has been indeed compromised and different CLI binaries served for 35 minutes,” the Monero team said in a Reddit post published this morning, confirming the incident.

Although the Monero team claims it intervened to take down the compromised file in less than an hour, the 35-minute window was enough for hackers, and at least one user reported losing funds.

“I can confirm that the malicious binary is stealing coins. Roughly 9 hours after I ran the binary a single transaction drained the wallet of all $7000,” said a user in a Reddit comment.

monero-stealer.png

Image: ZDNet

At the time of writing, the Monero team said it was still investigating how the hacker (group) compromised its download server. Downloads should be safe now, they said, as they’re being delivered from a “fallback source.”

While it’s unclear how many users lost funds in this hack, the incident shows how important a simple action like verifying file hashes for recently downloaded files can sometimes be — a practice that very few people follow.

A version of the malware-infected Monero Linux CLI binary is available for download from here (for reverse-engineering purposes, DON’T RUN). A VirusTotal scan is available here.


Credit: Zdnet

Previous Post

Greater Southeast Asia Is Becoming a Gaming and Esports Steamroller

Next Post

How to Use Live Video for Marketing Your Business

Related Posts

Microsoft Defender for Endpoint now protects unmanaged BYO devices
Internet Security

Microsoft Defender for Endpoint now protects unmanaged BYO devices

April 15, 2021
Cyber criminals are installing cryptojacking malware on unpatched Microsoft Exchange servers
Internet Security

Cyber criminals are installing cryptojacking malware on unpatched Microsoft Exchange servers

April 14, 2021
ASIO boss says he’s not concerned with Australian Parliament’s March outage
Internet Security

ASIO boss says he’s not concerned with Australian Parliament’s March outage

April 14, 2021
‘FLoC off!’ Vivaldi declares as it says no to Google’s tracking system
Internet Security

‘FLoC off!’ Vivaldi declares as it says no to Google’s tracking system

April 14, 2021
Microsoft April patch download covers 114 CVEs including new Exchange Server bugs
Internet Security

Microsoft April patch download covers 114 CVEs including new Exchange Server bugs

April 14, 2021
Next Post
How to Use Live Video for Marketing Your Business

How to Use Live Video for Marketing Your Business

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Three Privacy Preserving Machine Learning Techniques Solving This Decade’s Most Important Issue
Machine Learning

Three Privacy Preserving Machine Learning Techniques Solving This Decade’s Most Important Issue

April 15, 2021
5 Ways Conversational AI is Shaping the Future of Learning | by Aurosikha Priyadarshini | Apr, 2021
Neural Networks

5 Ways Conversational AI is Shaping the Future of Learning | by Aurosikha Priyadarshini | Apr, 2021

April 15, 2021
Marketing Automation Technology for Revenue & Growth
Marketing Technology

Marketing Automation Technology for Revenue & Growth

April 15, 2021
Six courses to build your technology skills in 2021 – IBM Developer
Technology Companies

A brief intro to Red Hat OpenShift for Node.js developers – IBM Developer

April 15, 2021
Microsoft Defender for Endpoint now protects unmanaged BYO devices
Internet Security

Microsoft Defender for Endpoint now protects unmanaged BYO devices

April 15, 2021
New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks
Internet Privacy

New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks

April 15, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Three Privacy Preserving Machine Learning Techniques Solving This Decade’s Most Important Issue April 15, 2021
  • 5 Ways Conversational AI is Shaping the Future of Learning | by Aurosikha Priyadarshini | Apr, 2021 April 15, 2021
  • Marketing Automation Technology for Revenue & Growth April 15, 2021
  • A brief intro to Red Hat OpenShift for Node.js developers – IBM Developer April 15, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates