BNB -0.32%
BTC 0.16%
DOGE -0.29%
ETH 0.85%
PEPE -0.06%
XRP 2.03%
SHIB -0.01%
SOL 0.42%
presale is live

Monero’s Security Breach Drains Entire Funds In Community Wallet: What’s Going On?

David Pokima
Last updated: | 2 min read
Source: AdobeStock / Tomasz Bidermann

Monero’s community wallet was drained of all assets following a security breach described as shocking and a little sketchy. 

The attack on the privacy coin’s wallet took place on Sept 1 but was not revealed until Nov 2 on GitHub. According to the company, the source of the breach remains unidentified and is still under investigation.

Monero’s developer, Luigi explained that a total of 2,675.73 XMR worth approximately $460,000 was stolen as a result of the incident.

“The CCS Wallet was drained of 2,675.73 XMR (the entire balance) on September 1, 2023, just before midnight. The hot wallet, used for payments to contributors, is untouched; its balance is ~244 XMR. We have thus far not been able to ascertain the source of the breach.”

What has been revealed so far 

Developers Luigi and Ricardo “Fluffypony” Spagni are the two with access to the seed phase and have so far released a timeline of events and possible scenarios for the issues.

The wallet was created in 2020 to fund development proposals from community members on the advancement of the platform. Between 2020-2023, a single Ubuntu system was used to run a Monero node with a hot wallet on a Windows 10 Pro Laptop.

On May 10, 2023, Luigi made the final transfer from the CSS wallet to the hot wallet and between Sept 1 and Sept 2, a string of nine transactions led to all assets being wiped out.

According to Luigi, he discovered the hack when he logged into the CSS wallet to see only 4.6 XMR which came earlier through a donation by Lovera. Although very little has been released to the public and the devs are in shock by recent developments, the task posed to the team remains to find out how it happened and the future of CSS alongside its structure.

Fluffypony commented that the wider attacks might have caused it since April due to compromised keys adding that there might be a possibility that other wallets are at risk and the company has taken precautions. 

Community members are stunned but express optimism 

The crypto market has suffered several incidents relating to the activities of bad actors resulting in the loss of clients’ funds. While losses may lead to millions, some of them are eventually recovered due to tracing, forensics, and in worst cases, a deal with the hacker.

So far Monero’s community has expressed shock and sadness over the incident but continues to find proper solutions and new methods while thanking the devs for their honesty. 

Community member “lazios” gave another narrative of the origin of the incident. “Luigi makes payment from the hot wallet and tops it up from CSS Wallet (via SSH), occasionally as needed.” Does this mean that the private keys for the CSS wallet are on an online Ubuntu server? If yes, that’s where the compromise happened,” he added.