November 8, 2023 at 06:52AM
The Monero Project’s community crowdfunding system (CCS) wallet was drained of 2,675.73 XMR, amounting to around $437,000, in September. The project suspects that the breach is related to wallet-draining attacks that have been ongoing since April. The team is investigating the breach and has taken additional security measures to protect other wallets. Atomic Wallet and MetaMask have also experienced wallet-draining attacks, with the Lazarus Group suspected as the perpetrator. The method used to access the wallets and the source of the breach are still unknown. LastPass, though suspected, denies any connection between its breach and the ongoing attacks.
Key Takeaways:
1. The Monero Project had one of its wallets drained in September, resulting in a loss of approximately $437,000.
2. The breach occurred in the project’s community crowdfunding system (CCS) wallet.
3. The Monero team suspects that the breach may be related to ongoing wallet-draining attacks they have experienced since April.
4. The stolen funds were taken in nine separate transactions within a span of nine minutes.
5. Other wallets associated with Monero were not affected, including the general fund.
6. Additional security precautions have been implemented, such as enabling multisig for transactions.
7. The attackers may not be aware of the nature of the funds they have stolen, which are donations meant for specific projects.
8. Similar wallet-draining attacks have been observed in other cryptocurrencies, with some of them attributed to the North Korean Lazarus Group.
9. The method used by the Lazarus Group to breach wallets remains unknown.
10. Atomic Wallet, a victim of wallet-draining attacks earlier this year, has been working with cryptocurrency exchanges and forensic specialists to investigate and freeze stolen funds.
11. LastPass, a password manager, has been implicated in the breach and theft of wallet seeds used in the attacks.
12. LastPass denies any direct involvement and claims there is no evidence linking their breach to the ongoing wallet-draining attacks.
13. The specific method used by the attackers in these wallet-draining attacks is still undetermined.