Monero (XMR), a cryptocurrency with a focus on the privacy of its users, has been the victim of a Sybil attack. Riccardo Spagni, the platform’s lead developer, released a statement revealing some details about this disastrous incident.
In Spagni’s words, a “pretty incompetent attacker” deployed a Sybil attack on the platform, which involves seizing a network through an excess of accounts, network node, or devices. The developer also mentioned that the hacker tried to associate transactions with the IP address of the network node that approved some transactions, although it was unsuccessful.
It should be noted that Monero transactions are actively protected by three advanced privacy mechanisms, such as encryption of public signatures, secret addresses, and confidential transactions.
Spagni added that this kind of attack could be deployed against networks of other virtual assets, although it also notes that it is completely possible to prevent or contain these possible attacks. The famous developer claimed that the biggest measure against such an attack is that the network node that approves transactions is using Tor or I2P.
Monero developers seem to be prepared against many other attack variants. In 2017, the developers launched the Dandelion security system, which is capable of containing all kinds of attacks against network transactions.
Spagni eventually mentioned that the hacker would have deployed a Sybil attack capable of covering thousands of network nodes, so he recommended that concerned network members run their network nodes based on the Tor browser.
Transactions on the Monero network are known to offer 100% privacy, especially when combined with the Tor browser. While this is attractive to users, this has become a concern for regulatory authorities. The U.S. Internal Collection Service (IRS) has even offered rewards to researchers who are able to violate Monero’s privacy, although no one has been able to develop a functional method for this task.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.