According to a warning published by Monero developers, the project’s CLI binary files were compromised at some point in the last 24 hours. The files were available at getmonero.org, and the issue was noticed and reported by several users. The users allegedly realized that the hash does not look right, which is why they reported it to the developers.
After briefly looking into the issue, developers have confirmed that the files were indeed compromised. Luckily, it appears that different CLI binaries only served for 35 minutes. Developers have changed them, and downloads are currently coming from a safer source.
Even so, this means that any user who may have downloaded the files in the last 24 hours may be compromised as well. Developers urged the users to compare the hashes of the recently downloaded files. Should the hashes be noticeably different, users should not run the files under any circumstances.
Users who downloaded the files should take precautions
Those who have already run the files are at risk of being hacked, and should immediately move their funds out of the recently opened wallets. Developers believe that the wallet that it online currently should be safe. Still, users should always check the hashes, just to be safe.
Meanwhile, Monero developers have started their investigation, promising to report any new findings regarding the incident. So far, there is no information regarding the identity of the party or parties responsible.
The incident comes less than two weeks before Monero’s upcoming hard fork, scheduled for November 30th. The hard fork will bring a new PoW algorithm, known as RandomX.
Monero’s current price sits at $59.14, after dropping by 4.56%. However, despite the incident, Monero’s price is still seeing a softer drop than most other coins on the list of largest cryptos. This indicates that the coin’s price was not impacted by the incident as harshly as it was expected, at least for now.