Ryo shares a bug in Monero software; fix is already awaiting review

Security • March 5, 2019, 3:00PM EST

UPDATED: March 5, 2019, 6:30PM EST

Partner offers

The team behind Ryo has shared a potential vulnerability in Monero wallet software. According to a Medium article posted from the official Ryo Cryptocurrency account, the bug could allow hackers to make fake deposits to exchanges.

As shared in the post, the exploit uses an “extremely insecure design” in RingCT, which allows for the amount shared with the user to be different from the amount checked by the network. In one specific case, where the transaction includes a non-null rct signature, “the attacker can make it appear as if he deposited any sum of his choosing to an exchange”, Ryo writes.

Since the post’s publication, Monero has published a temporary workaround for the exploit, followed by an upcoming patch which will include a proper fix for the issue.

WHO WE ARE

The Block is a news provider that strives to be the first and final word on digital assets news, research, and data.

+ Follow us on Google News

Connect with the block on

More by Carol Gaszcz

Scammers send emails impersonating FCA, offering 'guaranteed' cryptocurrency investment opportunity

July 23, 2019, 12:31PM EDT

Bitcoin

49% of Americans have a cash-back credit card, survey shows

July 23, 2019, 11:20AM EDT

The Block

Latest Crypto News

Institutional buyers ‘nibbling’ as crypto selloff widens, but analysts warn final shakeout may not be done

Tom Lee's BitMine to begin offering annual dividend as ETH treasury mNAV dips

The Daily: Crypto selloff deepens, JPMorgan blames retail BTC and ETH ETF outflows, 24-hour liquidations top $2 billion, and more

Coinbase to acquire Vector.fun, the Tensor-built Solana trading platform, to advance 'everything exchange' vision