- One of vulnerability opened a window for attackers to steal from cryptocurrency exchanges.
- The vulnerability report surfaced at the time Monero version 0.14.1.0 l was released.
One of the leading privacy coins on the market Monero (XMR) revealed nine vulnerabilities. Among the vulnerabilities, there is one that puts users that risk of theft and could badly impact on crypto exchanges.
The report said that Monero illegal miners could before March, have come up with “specifically-crafted’ blocks that had the power to force their way into Monero wallets. This could allow them to deposit fake XMR of any amount into the wallets. This vulnerability opened a window for stealing from cryptocurrency exchanges.
At the time of discovery, the researchers were given 45 XMR as a reward for their efforts. In addition to that, five more denials of service (DoS) attack vectors were revealed. One among the five was flag as the ‘critical” one.
Furthermore, a CryptoNote-specific vulnerability was also discovered. This vulnerability could give attackers the capacity to bring down nodes on the crypto network via malicious data requests.
One of the researchers Andrey Sabelnikov spoke to The Next Web regarding the vulnerability such a vulnerability “could’ve seen attackers make a protocol request “that will call all of its blocks from another node, which could be hundreds of thousands of blocks.”
“Preparing such a response can take a lot of resources. Eventually, the OS might kill it due to the huge memory consumptions, which is typical of Linux systems.”
The vulnerability report surfaces at the time Monero version 0.14.1.0 l was released. The report adds that eight of the vulnerabilities have already been fixed. However, one of the vulnerabilities has been kept out the public high but developers are working on it.