- Monero was targeted by an attack today that could have compromised the privacy of some users.
- However, the attack failed to achieve its goal: linking IP addresses and user identities.
- The identity of the attacker is still unknown.
Share this article
Attacker Targeted IP Addresses
As explained by Spagni, an unknown attacker ran several nodes in an attempt to compromise Monero users’ privacy. In essence, the attacker tried to record IP addresses and associate them with certain transactions to compromise user privacy.
The attack exploited a Monero-specific bug that increased the attacker’s chances of ending up in a legitimate node’s list of peers.
The attack ultimately failed, though: Spagni describes the attacker’s attempts as “largely incompetent” and “clumsy,” adding that the attacker did not exploit any of Monero’s on-chain privacy features, such as shielded transactions or ring signatures.
Spagni says that, though the precise line of attack was novel, similar attacks could be performed against most cryptocurrencies and privacy coins. As such, Spagni recommends that Monero users broadcast their transactions through Tor or i2p. Monero has also released a blacklist of addresses associated with the attacker, which will reduce further risks.
It should be noted that the attack only affects Monero users who are running a full node, not users who have a light wallet.
Who Carried Out the Attack?
It is not clear who is responsible for the attack. One possibility is that a surveillance company carried out the attack. Given that the U.S. government has contracted two analysis firms to circumvent Monero’s privacy, it is plausible that one of those firms was responsible for the attempted attack.
Spagni alleges that firms such as Chainalysis have used similar techniques to monitor other blockchains such as Bitcoin.
However, he doesn’t believe that was the case in this attack.
Spagni says that Chainalysis “already has a relationship” with exchanges and says it can ask for information that the Sybil attack would have provided. “I don’t think they’d even bother,” he concludes.
Ultimately, the identity of the attacker remains a mystery.
Update: XMR-stak developer FireIce is now known to be responsible for the exploit; the developer claims the attack is still underway and has published the results on this page. Developers maintain that the exploit is largely ineffective.
Monero Scales Up 10% With Latest Upgrade
Monero will upgrade its network today, with the latest release of its node software, codenamed “Oxygen Orion.” Performance and Security Improvements This upgrade contains only one major change: a new…
What is Dogecoin?
So what is the story behind DOGE? How did it become the asset of choice for a group of anti-establishment retail traders in January 2021, and what are the chances…
Monero Faces Multi-Year Resistance as Technicals Scream Sell
Monero was one of the few cryptocurrencies that have been able to shrug off last month’s sell-off and advance to new yearly highs. On-chain data now suggests that the privacy…