The Monero (XMR) team announced on September 1, 2023 that the Community Crowdfunding System (CCS) Wallet was hacked. Although the attack took place at that time, its announcement was made recently.
The Monero (XMR) team announced on September 1, 2023 that the community crowdfunding system (CCS) Wallet was hacked. The attacker managed to steal the entire balance of 2,675.73 XMR, or approximately $384,000. The source of the vulnerability has not yet been determined, and cybersecurity firm SlowMist has stated that it is unlikely to be caused by a loophole in the Monero privacy model.
The attacker managed to reset the balance of the Monero CCS Wallet, which contained 2,675.73 XMR altcoins in nine separate transactions.
Moonstone Research took on the task of investigating how the attacker moved these funds. The security company's analysis yielded some interesting results. They were able to precisely trace three of the attacker's transfers.
Two months after the attack, a Monero developer named Luigi (one of two people with access to the wallet seed phrase) announced on Github that the wallet had been completely emptied. According to Luigi, he only realized this a month after the theft.
The other person with access to the wallet is “fluffypony,” a former Monero developer named Ricardo Spagni. He surrendered to US authorities in July 2023 for extradition to South Africa, where he was charged with invoicing fraud against a cookie company.
*This is not investment advice.