Monero (XMR) discloses 9 major security flaws found by HackerOne

07 Jul, 2019
by David Robb
Monero (XMR) discloses 9 major security flaws found by HackerOne

The Monero team has announced that nine major security flaws have recently been detected and resolved on the XMR network. The bugs were found by security research project HackerOne.

Contrubutors to the HackerOne platform regularly find weaknesses in some of the top cryptos, often preventing major losses of funds for the networks and their investors. One vulnerability that did go undetected in the Monero network led to a hack back in February, although the appropriated XMR was eventually recovered.

This most recently disclosed bug was first discovered by HackerOne in February. It was eventually made public by the XMR team on July 2. Luckily, this vulnerability appears to have been discovered before anyone was able to exploit it. TheNextWeb reports that the security researchers were awarded 45 XMR, worth around $4,100 at current prices. There were 8 other less serious security issues also identified, including five DDoS attack vectors.

According to the HackerOne report, the most serious bug would effectively have allowed rogue miners to steal XMR from exchanges. It "allows an attacker to convince any cli wallet that it received transaction with amount chosen by the attacker...this can be used to send such counterfeit XMR to an exchange, that will credit the attacker with the sait amount of XMR inside the exchange, which can be exchanged for other coins and withdrawn".

Follow Chepicap now on Twitter, YouTubeTelegram and Facebook!

Read more about: Monero (XMR)


Zcash or Monero?

(63 votes)

Add a comment

Check out the latest news

You will be logged out and redirected to the homepage