Monero’s Community Crowdfunding System (CCS) recently fell victim to a malicious attack, resulting in the loss of its entire balance of 2,675.73 Monero (XMR). This devastating breach, which occurred on September 1, 2023, was only disclosed to the public on November 2, sending shockwaves through the Monero community. With Monero’s current market price at $167 per XMR, the lost funds amount to nearly $460,000.
The Unidentified Culprit
Monero developer Luigi, along with Ricardo “Fluffypony” Spagni, were the only individuals with access to the wallet seed phrase. However, despite their best efforts, the source of the breach remains a mystery. Luigi reported, “The CCS Wallet was drained of 2,675.73 XMR (the entire balance) on September 1, 2023, just before midnight. The hot wallet, used for payments to contributors, is untouched; its balance is ~244 XMR. We have thus far not been able to ascertain the source of the breach.”
Monero’s CCS plays a pivotal role in funding development proposals from its community members. The loss of these funds is deeply concerning as they are often relied upon by contributors for essential expenses like rent and groceries. “This attack is unconscionable, as they’ve taken funds that a contributor might be relying on to pay their rent or buy food,” noted Fluffypony.
Possible Origins of the Attack
Monero’s core team speculates that this attack may be connected to a series of ongoing breaches since April, which involved compromised keys across various cryptocurrencies. The breach could have also stemmed from the wallet keys being exposed online on the Ubuntu server.
One pseudonymous developer, Marcovelon, suggested a possible scenario where Luigi’s Windows machine was compromised by an undetected botnet. The attackers might have exploited SSH session details on the machine, potentially stealing the SSH key or utilizing a trojan’s remote desktop control capability.
In response to this crisis, Monero’s core team is advocating for the General Fund to cover the current liabilities of the CCS. While the immediate focus is on addressing the loss and securing the remaining assets, this incident serves as a stark reminder of the persistent threats faced by cryptocurrency communities and the importance of robust security measures in safeguarding digital assets. As the investigation continues, the Monero community remains hopeful that the perpetrators behind this attack will be identified and brought to justice.