• Saki@monero.town
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    4
    ·
    1 year ago

    The linked article (and so AutoTL;DR) is not very accurate. If you’re interested in this incident, read the original post, which is short and compact. General media articles are only quoting or re-quoting this thread, typically with some misunderstanding.

    Specifically (about this post): Among other things, multisig is only suggested; nothing has been decided yet.

    Generally (in many similar articles): Probably a specific local machine was hacked, though no one really knows yet what happened. It’s unlikely that the Monero network itself was hacked.

    Since I’m a Monero supporter, obviously I tend to say good things about it, but frankly, the ironical fact here is, Monero is so privacy-focused that when something like this happens, it’s difficult to identify the attacker—i.e. by design Monero also protects the identity of the attacker. Some Monero users are having this weird, paradoxical feeling: it would be nice if we could catch this evil attacker, but being able to catch the attacker would be in a way very bad news for Monero (if you know what I mean) 😕

    • KᑌᔕᕼIᗩ@lemmy.ml
      link
      fedilink
      English
      arrow-up
      21
      arrow-down
      6
      ·
      1 year ago

      I used to be an old school supporter of cryptocurrency too, until that is when the scammers got their mitts into it and it went from a funny little technical hobby worth nothing to an overinflated shitfight that’s robbed many people of their life savings.

      Honestly, the entire cryptocurrency ecosystem is a parody of its former self and nothing the original inventors of it wanted it to become.

      • Saki@monero.town
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        1 year ago

        Exactly, except not “the entire”, but “almost entire”?

        Monero has been largely detached from CEXes, no companies, no middle men… Many users still have that idealism, a cypherpunk philosophy, that which Bitcoin tried to achieve originally. It’s community-based and crowd-funded… Some of that fund was stolen, so we’ve got to admit that the Monero community was not so smart after all… Yeah, a bit embarrassing tbh. To err is human, I guess.

        For example, we do have a zero-fee donation site kuno.anne.media and recently help some girl buy a laptop or doing things like that. Some of Monero users are idealists by nature, maybe silly dreamers or naive philosophers, but definitely not greedy HODLERs. Weird people, either way, haha 😅

        • EngineerGaming@feddit.nl
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          2
          ·
          1 year ago

          I actually used to think crypto is a “weird fad and some thing people use to try getting rich”. But then sanctions happened, and now I ADORE Monero. It allows me to easily pay for things I would’ve otherwise had to jump through hoops for. I am so happy that we at least somewhat have a payment system that can’t be controlled)

              • volleyballcrocodile@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                Thanks for the reply. Isn’t obtaining Monero more difficult then paying for those things on your card? Or are you doing it for the anonymity?

                • EngineerGaming@feddit.nl
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  I personally did it because sanctions made my card not work. So it was either paying with Monero directly, or finding a middleman and hoping he wouldn’t scam you, not to mention that the latter would probably have higher fees than a Monero seller. But once sanctions are gone, I would probably continue doing so, just because I prefer not to use my bank card at all)

          • Saki@monero.town
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 year ago

            Originally Bitcoin had nothing to do with “get rich quick”. It felt vaguely like Freenet. It was experimental, philosophical, mathematical, cypherpunk… Almost no one had imagined that investors were going to be interested in it and something like that fad would happen.

            Unfortunately it’s not easy to get Monero. In several countries, CEXes don’t support it (delisted). Besides, getting Monero from CEX is not ideal privacy-wise. So, a typical Monero user gets it no-KYC, without using CEX. Which is legal, but rather complicated. That’s why I wouldn’t recommend Monero to regular people.

            As you said, Monero is such a great way for payment in a practical sense. Very low fees (~1 cent, no matter how much you send), private (only you can authorize transaction, no need to get a permission from someone else). The community is relatively small (monero.town on Lemmy), but generally nice and cozy. We seldom, if ever, talk about investment… It’s so different from what people think when they hear “crypto”. It’s understandable that some people assume it’s just one of those alt sh*tcoins.

            • EngineerGaming@feddit.nl
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              I would not use CEX under any circumstances - they require submitting ID, and I would not trust a random company to keep such data safe. But yea, discovery of sellers is a problem. Was going to go with a Localmonero one before finding someone IRL who sells for cash.

              • Saki@monero.town
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                https://monero.town/post/894750 So you did f2f… Glad it works, though. But how to buy it is irrelevant to the OP and is off-topic, so we shouldn’t be talking about that here.

                Basically I’d never recommend anyone to buy a significant amount of crypto hoping that you can get rich quick with that. Yes, it might go up, but it may go down. Encouraging such sketchy gambling would be crazy and irresponsible, and more importantly that’s not the original purpose of this technology. Yet you already even know localmonero, so yeah, you’re simply one of us. If you’d like to you can join monero.town or subscribe it from your instance :)

        • KᑌᔕᕼIᗩ@lemmy.ml
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          4
          ·
          1 year ago

          I know exactly what Monaro is and you’re not looking at it objectively but as a holder and fan. But that’s okay I guess, as long as you’re not involved in the scams and just like it for what it is. However, you sound a lot like someone preaching about some religion to others and you should be aware of that.

          • Saki@monero.town
            link
            fedilink
            English
            arrow-up
            7
            ·
            edit-2
            1 year ago

            Sorry if I sounded unpleasant. I’m not holding Monero, I actually use it (just like one may use Paypal), is all. Still, as you can see I’m from Monero.town, so obviously I’m a fan. Guilty as charged!

            I’ve actually been “preaching” about privacy to my friends, but they’re typically like “Google is fine. I have nothing to hide.” Or about PGP (in vain). But I wouldn’t preach about (recommend) the privacy coin to regular people. Like you pointed out, it’s controversial and risky. As a long time user, I know too well about both sides of this.

      • deafboy@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        2
        ·
        1 year ago

        The nice thing about the unregulated cryptocurrencies is that everyone loose exactly how much they deserve to loose. No more.

          • deafboy@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            There are words that I always spell out wrong unless I do a double check before posting.

            However, I’ve heard somewhere, that this is not necessarily a mistake. Just a language evolving. So I’m not fixing it. /s

            edit: Jesus, I did it twice. I wouldn’t be so mad if it wasn’t a post in which I try to act so smug.

      • JimmyBigSausage@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        9
        ·
        1 year ago

        So you were into “let’s invent a fake money so we can get other people’s money” as a thing?

        • KᑌᔕᕼIᗩ@lemmy.ml
          link
          fedilink
          English
          arrow-up
          7
          arrow-down
          2
          ·
          1 year ago

          I was into “cool techy nerd thing before it was used to fleece people” thing. When scammers started ripping people off with it we referred to them as shitcoins and a Bitcoin was worth basically nothing.

    • kartonrealista@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      1 year ago

      You have to be quite stupid to support crypto in 2023, after Luna, Ftx, NFTs, all the rugpulls and explicit pump and dumps, you morons just keep coming back for more. That last paragraph is pure comedy gold - you’re so close to self-awareness it’s hilarious.

      • All stablecoins are not stable and a scam, algorithmic ones can’t work, since they mimic death spiral financing, and the other ones just gamble their clients money
      • Every non-stable coin is just a bigger fool scam, since there is no use case for crypto, so no way to derive a non-speculative value (beyond selling illegal drugs, 419 scams, and couple of enthusiasts trading it personally as donations and the like)
      • Crypto destroys customer protections, to do a rollback a few bad transactions you have to convince the entire chain to back you and force a fork, creating an alternative, competing version of the economy
      • All consensus mechanisms are geared to allow the wealthy to control the crypto economy, whether it’s proof of stake, work or storage, since you can buy all those things with money. They also waste inordinate amounts of energy which translates to an exorbitant transaction cost compared to payment processors like Visa or MasterCard
      • Crypto gives great privacy protections to anonymous criminals and scammers and destroys privacy for anyone using the system as a honest user. If you used your crypto wallet as a bank account, anyone with whom you interacted on the blockchain in a non-anonymous capacity (like, idk, your boss at work, sending you your salary) knows your wallet address, and can figure out where your money is going. You can’t hide your dildo purchases or campaign contributions from your employer, no matter how many intermediate accounts you create, there will always be a trace. How fun
      • Crypto aims to prevent man-in-the-middle attacks, when most attacks nowadays are done through social engineering, which crypto makes trivial, due to it’s write-only nature. 419 “Nigerian prince” scammers love crypto - because just like their other favorites money transfer through Western Union or MoneyGram and gift cards it’s an irreversible payment method. If you pay with your bank account or PayPal, you can dispute transactions or get a chargeback, aside from forking the whole chain there ain’t no way you’re doing that with crypto. This also makes it perfect for retail scams.
      • Saki@monero.town
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        1 year ago

        I do agree most cryptocurrencies are scammy, or traded speculatively. It’s a free country, so one can do whatever they want to with their own money, but I personally think they’re like greedy gamblers.

        I’m a Monero user, not a trader, not an investor. I have Monero because I use it. I support it because I’m a privacy advocate. I’ve never even once used a CEX, totally unrelated to investment. Your points may be valid for those investor people, though.

      • n00b001@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        1 year ago

        You’re partially correct with some of these points.

        Theatge amount of energy you mention is really only relevant to proof of work. You’ve mentioned proof of stake etc - so you should know that. The energy requirements for “proof” techniques such as PoS is negligible

        Reversing transactions are ‘hard’/infesable - and so in a way they do help scammers - but I think it’s a false equivalence. It helps everyone. In my mind it’s like says “encryption helps terrorists”, that may be true, but it helps us all.

        Regarding on chain transaction transparency, there are some chains that are like this (bitcoin), and there are some chains that are not (monero). There’s also ways to anonymise transactions through mixers etc if you do care about that. Although, I don’t know of anyone that gets their salary into their crypto wallet.

        Overall, regulation is slow! But it’s getting there. I don’t think crpyto will solve all of.humans problems, but I might just help with some. It’s going to be interesting seeing how it all plays out - people thought it was going to be here and gone in a year, but it’s been over a decade now.

        • kartonrealista@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          Theatge amount of energy you mention is really only relevant to proof of work. You’ve mentioned proof of stake etc - so you should know that. The energy requirements for “proof” techniques such as PoS is negligible

          It can’t compete with payment processors. Proof of stake is also basically just oligarchy, while proof of storage is a waste of hardware. All of them center their validation process on big money investors, who either have a lot of hardware or a lot of money to stake.

          Although, I don’t know of anyone that gets their salary into their crypto wallet.

          So it would be useless for things normal money is useful for? Where’s the revolution in banking that I heard about? Banking the unbanked?

          Regarding on chain transaction transparency, there are some chains that are like this (bitcoin), and there are some chains that are not (monero).

          Here you provided users privacy at the cost of making criminals completely untraceable. Bravo.

          How about a bank account, where people who know you won’t know your transaction history but police can catch people participating in organized crime?

          I don’t think crpyto will solve all of.humans problems, but I might just help with some

          Which ones? I have not heard of one use case, only excuses from you guys.

          • n00b001@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            arrow-down
            1
            ·
            1 year ago

            TradFi has a few wealthy individuals that control banking

            You say PoS is an oligarchy, but it still offers anyone to participate in markets they previously were unable to. For example, providing liquidity and getting a cut of transaction fees - this is something TradFi has a monopoly on, but now everyday people can get a cut. You’re right that people with more money will have a bigger cut - but it’s still more equal than TradFi

    • brambledog@lemmy.today
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      5
      ·
      1 year ago

      As you yourself out it, the issue with monero is that it is designed to protect attackers.

      • Saki@monero.town
        link
        fedilink
        English
        arrow-up
        8
        ·
        1 year ago

        I think I know what you’re trying to say, and that’s actually a difficult point. Privacy is double-edged.

        By that logic, you’d have to support chat control, e2e backdoor, eIDAS 45, etc. and ban Tor, Tails, VPN, BitTorrent, or encrypted communication in general because sometimes criminals can (and do) abuse such technology too. While such logic is understandable, I’m a privacy advocate and can’t agree with that. Most libre people, EFF, FSF, etc. have been fighting against that very logic for more than 20 years. I’m one of them.

  • HurlingDurling@lemm.ee
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    6
    ·
    edit-2
    1 year ago

    I’m just making a wild guess, but it was probably the North Korean Cyberattack Force. They have been behind some of the largest crypto heists before in order to get clams in the goverments coffers.

    The blockchain analytics provider attributed the attack to the North Korean state-sponsored Lazarus Group, which it says has stolen more than $2 billion across several heists.

    ( ͡° ͜ʖ ͡°) Nailed it

    • Saki@monero.town
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      1 year ago

      The linked article is inaccurate and misleading. Your wild guess is based on that.

      Currently the best blockchain analytics publicly available about the incident is this by Moonstone, and even though it seems that the victim shared the secret key with them, nothing much is known due to the nature of the privacy coin. No way other analytics providers could tell more.

      Check the original source and some of the comments there before making an irresponsible accusation like the attackers must be North Korean (or Russian, Muslim, Romany, …). A knee-jerk suggestion like that does not only promote unfair racism/stereotypes, but it helps cover up the real mastermind. Although, it’s not your fault that the article is misleading, and we can’t rule out any possibility including what you suggested. The real problem here is this confusing, poorly-written article…

      • HurlingDurling@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        2
        ·
        edit-2
        1 year ago

        Actually I based my wild guess at reporting that NPR did a couple of years back regarding different thefts of crypto and that the intelligence community determined it was a hacker group in North Korea that was supported and funded by their own government as a way to get around the sanctions.

        My subsequent confirmation came from reading the article, but I already had the same suspicions, however I will admit my error if it indeed turns out it wasn’t North Korea (haven’t been able to read the links you provided yet)

  • Flying Squid@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    1 year ago

    Someone had imaginary money on a computer and someone else stole the imaginary money and that’s bad because the imaginary money has value in real money and I hate this timeline.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    1 year ago

    This is the best summary I could come up with:


    The project’s maintainers have “taken additional precautions” to secure the other wallets associated with Monero, such as enabling multisig so more than one individual is required to sign off on any given transaction.

    In response to the attack, Atomic Wallet contacted victims to gather information about their setups in an attempt to determine the source of the breach, but has not yet publicized its findings.

    In October, Atomic Wallet revealed it was able to work with leading cryptocurrency exchanges to freeze $2 million in stolen funds related to the earlier incident.

    Tracking the wallet-draining attacks, Taylor Monahan, lead product manager/owner at cryptocurrency wallet software company MetaMask, said the profile of victims “is the most striking thing” and they’re all “reasonably secure” and reputable organizations.

    There is a wide diversity of cryptocurrencies and blockchains that have been successfully targeted, including Bitcoin, Monero, and Ethereum, and wallets with seed lengths of 12 and 24 words have both been breached.

    LastPass CEO Karim Toubba told The Register that there is no current evidence linking the company’s breach to the ongoing wallet-draining attacks.


    The original article contains 863 words, the summary contains 179 words. Saved 79%. I’m a bot and I’m open source!