Yes, Monero Was Attacked… But No, It Was Not “Broken”

A few days ago, a mysterious Twitter user claimed to have found the magic formula to crack Monero.

Fireice_UK shared a web address that “revealed” personal information of several Monero users, even including their sexual preferences.

The website in question, Monero BADCACA, features a table with the TxID of a Monero transaction, its city of origin, the node’s IP —perhaps not the sender’s, more on this later— and the person’s favorite porn based on the torrents they downloaded.

The Dark Side of Monero?

The site also has a FAQ. Fireice_UK claims to have been tracking the blockchain for some time and that the Monero development team knew about the project’s shortcomings, basically turning a blind eye to it and caring mostly about the money:

I have been logging Monero transactions for over a year now. Main reason why I decided to go public are blatant lies that there is nothing to worry about Ciphertrace and that Monero is private.

All things considered, how did the hacker get access to this information? Another tweet could be the key to the answer:  Unlike Ciphertrace, they got it from the nodes; basically intercepting the data before it spread through the network.

What Actually Happened

Riccardo “fluffypony” Spagni, who served for a long time as Monero’s lead developer, explained what happened in an extensive thread. TL;DR: It’s nothing alarming, and in fact, Monero’s very design makes it virtually impossible to identify the user with certainty.

A Sybil attack occurs when a malicious actor tries to obtain information from a user through various practices such as creating multiple accounts or nodes to intercept and block transactions. This can happen on many public blockchains, not just Monero.

Monero uses a transaction broadcast system called Dandelion++. Unlike Bitcoin —where a person usually broadcasts a transaction as quickly as possible to as many nodes as they can— in Monero, the transaction bounces off several individual nodes before one of them spreads it across the network.

how Dandelion++ works in Monero
How Dandelion++ works in Monero. Image: Bean Privacy

In short, the nodes can know the IP that spread the information, but are not sure if it’s the IP of who sent the transaction. In fact, intermediate nodes also don’t know if they are communicating with the sender or they’re just bouncing the information.

Therefore, the intercepted IP does not necessarily belong to the people involved in a transaction. Nor is it 100% real that fireice_UK has “broken” Monero. The amounts, addresses, and sensitive data associated with those transactions remained unknown. Equally important, what about the porn? Well: obfuscation methods like VPNs, Tor or i2p make it almost impossible to link a user to one of the IP addresses shared by BADCACA —but there’s always a chance.

Still Nervous?

Spagni explains that the hacker tried really hard in order to achieve such a difficult attack, but even after all the effort, the reliable information they were able to obtain was very little:

In other words, it seems like there is nothing to fear, but if the possibility of a Sybil attack worries you, just follow some essential tips:

  • Run your own node
  • Broadcast your transactions on a block explorer’s pushtx functionality
  • Use Tor or i2p
  • Get a girlfriend and stop downloading porn

Binance Futures 50 USDT FREE Voucher: Use this link to register & get 10% off fees and 50 USDT when trading 500 USDT (limited offer).