this post was submitted on 25 Jul 2024
19 points (85.2% liked)

Monero

1636 readers
27 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
[email protected]
19
Monero black marble 0day attack guide? Real or nah? (x.com)
submitted 2 months ago by [email protected] to c/[email protected]
25 comments fedilink hide all child comments
 

My first comment here I couldn't get my post to submit on reddit (don't like Tor IP?)

I was browsing X on my phone searching for monero tags to catch up on news and it popped up on my feed no likes no shares. Real or fake? Wth is this antidarknet stuff? Something monero developers should be informed about or nah? anyone tried it?

I couldn't submit to archive.org the link here's what it said

Monero 0-day. The Black Marble Attack. How we did it

https://antidark.net/board/viewtopic.php?t=10

#monero #darknet #darkweb #moretocome

??

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 2 months ago (13 children)

This attack highlighted several issues that have been addressed. The biggest issue was wallets not automatically raising the default fee which led to transactions getting stuck for hours. Without the bug, you would have paid 2 cents instead of 0.5 for a transaction and it would have been confirmed at regular speed.

[–] [email protected] 2 points 2 months ago (12 children)

What you're saying is it's a legitimate attack at the time of executing pre-new build that fixes the bug? Not a fake and they could've really made money exploiting it in badly coded illegal markets? Thanks for clarify

[–] [email protected] 2 points 2 months ago (11 children)

They made money through extortion, not by draining any wallets due to spam. There was spam and it did delay transactions for regular users due to existing wallet bugs that are now fixed. I can't really comment on badly coded markets, I assume they somehow broke their payment systems because they didn't account for long delays when receiving coins or also had the fee selection bug.

[–] [email protected] 2 points 2 months ago (1 children)

I'm seriously getting confused here sorry how didn't they make money with the attack but through extortion? Did they break payment systems with monero slowdown or they slowed down monero and extorted money or they extorted money not to attack the monero network? I cant find what you're referencing to

If they were able to use it as attack doesn't that make it actionable and jet who commented wrong?

[–] [email protected] 4 points 2 months ago

I was wrong, I didn't consider that their attack could drain badly coded DNM wallets by double-spending withdraw transactions.

load more comments (9 replies)
load more comments (9 replies)
load more comments (9 replies)