Ledger Client Address Issue and Fake Deposits: Community Spots Two Vulnerabilities Related to Monero

gepubliceerd op by Cointele | gepubliceerd op

This week, at least two seperate bugs related to Monero were reported by crypto community members.

Monero has considerably more privacy features compared to conventional cryptocurrencies like Bitcoin: On top of being a decentralized coin, Monero is designed to be fully anonymous and virtually untraceable.

On March 3, user MoneroDontCheeseMe started a Reddit thread, claiming that he or she believes to "Have just lost ~1680 Monero due to a bug" while using the Monero app with his or her Ledger hardware wallet.

Several hours later, Ledger developers published a warning on the Monero subreddit, advising users not to use the Nano S Monero app because "It seems there is a bug with the change address."

The official Monero Twitter account has since retweeted Ledger's tweet containing a link to the warning.

Cointelegraph reached out to MoneroDontCheeseMe to ask him or her whether this issue is being fixed by Monero or Ledger developers, but he or she appeared hesitant to answer straight away and requested more time.

According to the post, an email reportedly sent to the Monero Announce mailing list warned platforms using the coin that the Monero Vulnerability Response team received a disclosure concerning a vulnerability.

As binaryfate explained to Cointelegraph, first, somebody made a responsible disclosure following the Monero Vulnerability Response Process.

A few hours later, the official Monero account tweeted that the fix for the vulnerability had been written and was awaiting review.

Thus, in September 2018, Monero developers successfully eliminated at least two bugs that were reported on its subreddit page.

x