Several binaries available on the official Monero webpage were compromised to steal cryptocurrency, announced Monero developers on a Reddit post from November 19.
According to the official announcement, the compromised binaries of CLI (command-line interface) tools were available for download on the official webpage “for 35 minutes” before the team provided “a safe fallback source.”
The malicious attack was spotted by active community members who noticed the mismatch of hashes – a common practice to check the integrity of the downloaded files.
One of the community members on Github, a user with the nickname Serhack, also confirmed that the malicious software was designed to steal cryptocurrencies, stating that “roughly 9 hours” after he ran the infected binaries, his cryptocurrency wallet became penniless.
Developers urged all users who downloaded software from the official webpage in last 24 hours to double-check the hashes of binaries. In case of a mismatch, the company warns against running the software. And if it is too late, it advises transferring the funds immediately to a safe version of Monero wallet.
This is not the first hacker attack to steal cryptocurrencies. For example, as COIN360 previously reported this fall, the CEO of Casa warned users that browser extensions could steal cryptocurrencies too, citing a recent report.