The developers of the privacy-oriented cryptocurrency Monero (XMR) revealed information about nine vulnerabilities. One of them could allow hackers to display cryptocurrency from exchanges.
Up until March, the malicious miners of Monero had the opportunity to create special blocks that could allow the transfer of fake deposits to the XMR. At the same time, the attackers themselves could set the amounts for crediting.
“In our opinion, this vulnerability could be exploited to steal funds from exchanges,” said one security researcher who later received 45 XMR for his discovery. In addition, the developers reported five DoS attack vectors. One of them was marked as “critically significant.”
All these problems were identified a few months ago, but information about them was disclosed only now. Most of the vulnerabilities are now fixed.