Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
A bug in the Monero wallet software that could enable fake deposits to exchanges has been recently brought to the public’s attention.
A bug in the Monero (XMR) wallet software that could enable fake deposits to exchanges has been recently brought to public attention through a Medium post, published by the official Ryo (RYO) account on March 3.
According to the post, an email reportedly sent to the Monero-announce mailing list warns exchanges and service operators using the coin that the Monero Vulnerability Response team received a disclosure concerning a vulnerability. The vulnerability consists of the mishandling of outputs in coinbase transactions (the first transactions in a block, always made by miners).
This mishandling could potentially allow an attacker to fake the deposit of an arbitrary amount of XMR to an exchange. Still, the email also contained parameters for the wallet, which are effectively a workaround preventing the vulnerability from being exploitable. The official Monero profile also tweeted the same workaround on March 3.
About ten hours later, the Monero account tweeted that the fix for the vulnerability has been written and was awaiting review. From the GitHub page dedicated to the patch, it appears that the code has been already merged with the main branch, which means that the fix is ready and only needs the new release to be published.
Ryo, a cryptocurrency derived from Monero, reports in its Medium post that its team fixed this vulnerability seven months ago.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.