Ledger Devs Post Warning About Monero Client After User Reportedly Loses 1,680 XMR to Bug

Published at: March 4, 2019

The Ledger developers team posted a warning on Monero’s (XMR) subreddit on March 4 advising users not to use the Nano S Monero app.

Apparently, a bug associated with the app had been discovered when, earlier today, user MoneroDontCheeseMe posted on Reddit a claim that he or she believes to “have just lost ~1680 Monero [around $80,000] due to a bug.” In the account, the user stated that after transferring about 0.000001 XMR from the Ledger to a view-only wallet, the user sent another 10, 200 and then 141.9 XMR.

According to the report, before sending the last transaction, MoneroDontCheeseMe had about 1,690 XMR in the wallet and 141.95 XMR in an unlocked balance, which is why he or she decided to send 141.9 XMR. Still, after the transaction, the user’s wallet is reportedly showing a balance of 0 XMR.

Furthermore, according to the Reddit user, the amounts sent and the transactions recorded on the blockchain “don’t line up.” MoneroDontCheeseMe wrote that the 200 XMR transaction actually deducted 1691.001 XMR from the Ledger Wallet, and also that the amounts reported for the 10 XMR transaction are incongruous.

In the comments to the post, Nicolas Bacca, chief technical officer at Ledger, stated that the most likely scenario — given how extensively the app has been tested — is a synchronization issue. Still, the warning issued later specifying a change address problem confirmed that this was not the case.

About two hours later, Ledger developers published the aforementioned warning on the Monero subreddit, and the official Monero Twitter account retweeted a tweet containing a link to the warning submitted by the official Ledger Twitter account. The warning post specifies that the problem presents itself when using the latest version of Monero client with application 1.1.3.

Monero team members have not answered Cointelegraph’s request for comment by press time.

Per CoinMarketCap data, Monero is the 13th biggest cryptocurrency by market cap, equivalent to over $800 million at press time. It is particularly known for his focus on privacy, as well as use by hackers in cryptojacking malware. In February, news broke that a new hacking tool is propagating throughout the online community of Windows’ users in an attempt to install cryptocurrency mining malware that mines XRP.

As Cointelegraph reported at the end of last year, researchers have reportedly shown how they were able to hack crypto wallets Trezor One, Ledger Nano S and Ledger Blue at the 35C3 Refreshing Memories conference. However, the next day, Ledger released an announcement stating that they regret that the researchers hadn’t disclosed the findings responsibly and that the discovered vulnerability is not critical.

Tags
Related Posts
Monero Developers Confirm Fix of Bug That Lost Balances for Ledger Wallet Users
Monero (XMR) developers have fixed a bug involving cryptocurrency hardware wallet Ledger that made user funds look like they had disappeared, they confirmed on social media on April 8. Reported in early March, the bug, which Ledger originally thought to be a synchronization problem, first came to light when a user’s balance failed to react to an incoming transaction. The problem only affected those using Ledger Nano S devices to access their XMR wallet. As of this week, the issue has officially been resolved through the issuance of a patch from Monero developers luigi1111 and stoffu. The amount thought to …
Altcoin / April 9, 2019
Hardware Wallet Ledger Nano S Announces Support for Monero
Cryptocurrency hardware wallet manufacturer Ledger has updated its support of altcoin Monero (XMR) for its Nano S device, the company confirmed in a press release shared with Cointelegraph Nov. 29. The French company, which along with Trezor and KeepKey is one of the oldest hardware wallet manufacturers in the industry, said the Nano S was already compatible with Monero’s latest GUI 0.13 release. “We are thrilled to welcome another top-ten cryptocurrency to the Ledger platform with Monero,” CEO Eric Larchevêque commented, adding: “With this addition, Ledger devices now cover 90% of the entire crypto market capitalization.” Like its competitors, Ledger …
Altcoin / Nov. 29, 2018
Open-Source Club: Monero Dodges Yet Another Attack With Community’s Help
This week, the developers of Monero (XMR) patched a bug that could allow an attacker to ‘burn’ the funds of an organization’s wallet. The breach was initially revealed by a community member, and XMR developers were quick enough to fix it before any damage was done. Anonymity above all: How Monero works Simply put, Monero (XMR) is a cryptocurrency like Bitcoin (BTC), but with an additional focus on anonymity. It was established in 2014, when bitcointalk.org user thankful_for_today forked the codebase of Bytecoin into the name BitMonero. To establish the new coin, he used ideas that were first outlined in …
Altcoin / Sept. 28, 2018
Government Sites in India Among Prime Targets for Cryptojacking, Research Shows
Official government websites have become a prime target for cryptojacking in India, The Economic Times (ET) reports today, September 17. Cryptojacking is the practice of infecting a target with malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. New research from cybersecurity analysts reportedly reveals that widely trusted government websites – including those of the director of the municipal administration of Andhra Pradesh, Tirupati Municipal Corporation and Macherla municipality – have become the latest to be exploited by the practice. Security Researcher Indrajeet Bhuyan told ET that: “Hackers target government websites for …
Altcoin / Sept. 17, 2018
Hacked Crypto Exchange Coincheck Confirms Removal of Four Anonymity-Focused Altcoins
Recently hacked Japanese crypto exchange Coincheck will end trading for four privacy-oriented cryptocurrencies, Monero (XMR), Zcash (ZEC), Dash (DASH), and Augur (REP), Cointelegraph Japan reported May 18. Following reports from back in March, the exchange has now officially confirmed the removal of the four anonymity-focused coins will come into effect June 18. According to Coincheck’s blog, the exchange will remove the four cryptocurrencies to comply with counter-terrorist financing (CFT) and anti-money laundering (AML) measures recently issued by Japan’s financial regulator, the Financial Services Agency (FSA). The FSA has been especially active in regulating domestic crypto exchanges, specifically around customer protection, …
United States / May 20, 2018