Several security vulnerabilities have been disclosed by Monero, including one that could have been exploited to steal xmr from exchanges, reports on the breach disclosure platform HackerOne revealed on July 3.
The vulnerability theoretically enabled attackers to send counterfeit xmr to an exchange. Once the fraudster’s account was credited, they could then convert it into other coins and make a withdrawal, leaving the exchange out of pocket.
Describing the critical breach they uncovered, the lead developer for CUT coin added:
“It is our belief that the vulnerability cannot be used to “mint” real, transactable monero out of thin air.”
A bounty of 45 xmr (about $4,000) was paid to the developer for their efforts.
Most of the vulnerabilities recently disclosed to HackerOne were identified a few months ago, but they have since been resolved.
In April, monero developers fixed a bug concerning the Ledger hardware wallet that made it look like user funds had disappeared.
The privacy-focused altcoin is 14th in the rankings of the biggest cryptocurrencies by market capitalization according to CoinMarketCap.
Infolinks.com, 3210366 , DIRECT
rubiconproject.com, 20322, RESELLER, 0bfd66d529a55807
google.com, pub-6373315980741255, RESELLER, f08c47fec0942fa0
google.com, pub-4299156005397946, RESELLER, f08c47fec0942fa0
Adtech.com, 11409, RESELLER
appnexus.com, 3251, RESELLER
Pubmatic.com, 158270, RESELLER,5d62403b186f2ace
sovrn.com, 268479, DIRECT, fafdf38b16bf6b2b
lijit.com, 268479, DIRECT, fafdf38b16bf6b2b
lijit.com, 268479-eb, DIRECT, fafdf38b16bf6b2b
aol.com, 6202, RESELLER
aol.com, 17744, RESELLER
lkqd.net, 295, RESELLER, 59c49fa9598a0117
lkqd.com, 295, RESELLER, 59c49fa9598a0117
Freewheel.tv, 482337, RESELLER
Freewheel.tv, 480609, RESELLER
appnexus.com, 7666, RESELLER, f5ab79cb980f11d1
rubiconproject.com, 156042, RESELLER, 0bfd66d529a55807
pubmatic.com, 156872, RESELLER, 5d62403b186f2ace
Rubiconproject.com, 20848, RESELLER, 0bfd66d529a55807
contextweb.com, 559988, RESELLER, 89ff185a4c4e857c
districtm.io, 101519, RESELLER
indexexchange.com, 175407, RESELLER
33across.com, 0010b00002CpYhEAAV, RESELLER, bbea06d9c4d2853c
rubiconproject.com, 16414, RESELLER, 0bfd66d529a55807
pubmatic.com, 156423, RESELLER, 5d62403b186f2ace
rhythmone.com, 2439829435, RESELLER, a670c89d4a324e47
indexexchange.com, 185506, RESELLER
sovrn.com, 257611,RESELLER, fafdf38b16bf6b2b
EMXDGT.com, 68, RESELLER, 1e1d41537f7cad7f
rubiconproject.com, 17262, RESELLER, 0bfd66d529a55807
indexexchange.com, 184311, RESELLER
google.com, pub-5617098146054077, RESELLER, f08c47fec0942fa0
spotx.tv, 74964, RESELLER, 7842df1d2fe2db34
openx.com, 540362347, RESELLER, 6a698e2ec38604c6
advertising.com, 24831, RESELLER
appnexus.com, 10736, RESELLER