this post was submitted on 02 Nov 2023
53 points (96.5% liked)

Monero

1662 readers
9 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
 

Timeline of events

In the last Monero General Fund transparency report in March 2023, the General Fund held 8452 XMR. As far as we know, this separate wallet is safe and unaffected. It would be possible to pay people with active CCS proposal from the General Fund, but nothing has been decided.

you are viewing a single comment's thread
view the rest of the comments
[–] shortwavesurfer@monero.town 8 points 1 year ago (1 children)

FUUUUCK! will be very interested to see what is found that caused the breach.

[–] UncleIroh@merovingian.club 3 points 1 year ago (1 children)

@shortwavesurfer @Rucknium

Seconded.

With only 2 known keyholders and likely 1 single person with physical access to the Qubes laptop, and where the whole key and wallet were probably stored in a standalone offline vault-vm, what the fuck happened?

[–] UncleIroh@merovingian.club 4 points 1 year ago (2 children)

@shortwavesurfer @Rucknium

I see. They held the hot wallet on Windows fucking 10.

Unbelievable. Opsec? What's Opsec?

[–] UncleIroh@merovingian.club 2 points 1 year ago

@shortwavesurfer @Rucknium

As pointed out in the github thread by someone, the more useful opsec flow should have gone something like this.

And make the offline computer an offline vault-vm on a non-internet Qubes laptop .

[–] tusker@monero.town 2 points 1 year ago (1 children)

How anyone that understands crypto is using windows in the year 2023 is beyond me. You cannot fix laziness with FOSS.

[–] UncleIroh@merovingian.club 1 points 1 year ago

@tusker

It's worse than that.

Fiscal responsibility alone dictates that you have a duty to create a public Opsec Charter of sorts.

And that's nothing to say of an ideological-FOSS duty to create the same.

This reeks of more than incompetence.