Binaries of the CLI for monero
compromised
The binaries of the CLI wallet had been compromised and a malicious version was being served. The attacker introduced two new functions. Anyone who created or opened a wallet with the compromised binary had their seed stolen.
Impact
The impact of this incident is unknown however at least one Reddit user claimed to have lost funds worth $7000.
Type of Compromise
This incident fits the Publishing Infrastructure definition.
References
- Warning: The binaries of the CLI wallet were compromised for a short time
- Wrong hashes (from getmonero.org)
- Security Warning: CLI binaries available on getmonero.org may have been compromised at some point during the last 24h.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.