
A bug in the Monero wallet balance can enable theft from exchanges

ID Submit date Publish date Author Score
1 10.26.2018 10.29.2018 Jason Rhinelander (jagerman) 10.0

Description

Summary: A Monero bug (already fixed in master) allows theft from exchanges. This has been exploited against a Monero-derived coin, so the exploit may be underway currently.

Description: (fluffypony: Also please mention you spoke to me and I recommended you put it on HackerOne) Bug also extends to exchanges: a transfer of, e.g., 1 XMR to an exchange with a duplicated TX pub key will show up on an exchange as a 2 XMR deposit, which then allows the attacker to withdraw 2 XMR from the exchange's wallet. An attacker could exploit this repeatedly to siphon off all of the exchange's balance.

Vector: BVSS:1.1/B:S/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/CI:N/II:H/AI:H
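The double-counted deposit described above, reproduced in a simplified receive-side model together with the checks that prevent it. This is an added example, not Monero's wallet code or the reporter's: the `Tx` structure, the SHA-256 stand-in for key derivation, and the loop shape of `scan_naive` are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

XMR = 10**12  # atomic units per 1 XMR

def derive_output_key(view_secret, tx_pub_key, index):
    # Stand-in for the one-time key derivation (SHA-256, not Monero's curve math).
    data = f"{view_secret}|{tx_pub_key}|{index}".encode()
    return hashlib.sha256(data).hexdigest()

@dataclass
class Tx:
    tx_pub_keys: list  # every TX pub key field carried by the transaction, in order
    outputs: list      # (one-time output key, amount in atomic units)

def scan_naive(view_secret, tx):
    # Assumed shape of the flaw: an output is credited once per matching TX pub key.
    received = 0
    for pub in tx.tx_pub_keys:
        for i, (key, amount) in enumerate(tx.outputs):
            if derive_output_key(view_secret, pub, i) == key:
                received += amount
    return received

def scan_hardened(view_secret, tx):
    # Drop repeated TX pub keys and credit each output index at most once.
    received, credited = 0, set()
    for pub in dict.fromkeys(tx.tx_pub_keys):
        for i, (key, amount) in enumerate(tx.outputs):
            if i not in credited and derive_output_key(view_secret, pub, i) == key:
                credited.add(i)
                received += amount
    return received

def has_duplicate_tx_pub_key(tx):
    # Cheap check to hold a deposit for manual review before crediting.
    return len(set(tx.tx_pub_keys)) != len(tx.tx_pub_keys)

# Constructed sample data: one 1 XMR output addressed to the exchange.
VIEW = "constructed-exchange-view-secret"
PUB = "constructed-tx-pub-key"
HONEST = Tx([PUB], [(derive_output_key(VIEW, PUB, 0), XMR)])
DUPLICATED = Tx([PUB, PUB], HONEST.outputs)

if __name__ == "__main__":
    for name, tx in (("honest", HONEST), ("duplicated", DUPLICATED)):
        print(name, scan_naive(VIEW, tx) // XMR, scan_hardened(VIEW, tx) // XMR,
              has_duplicate_tx_pub_key(tx))
```

For an exchange, the practical takeaway is to reconcile credited deposits against per-output amounts rather than a summed wallet balance, and to hold any deposit that trips the duplicate check.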

Component

Wallet

Platform

Monero

Subclass

Business Logic Missing
