According to reports from a project developer, Riccardo Spagni, Monero was targeted by an attempted Sybil attack. The good news is that the attack did not play out as planned.
How the Attempt Was Made By the Hacker
As highlighted by the project developer Spagni, an anonymous hacker ran several nodes in a bid to breach the privacy of some Monero (XMR) users.
Afterward, the attacker tried to record IP addresses and associate them with certain transactions in order to breach their user privacy.
A bug associated with Monero was exploited by the attacker in the course of his criminal activity, which increased his chances of ending up in a legitimate node’s list of peers.
The Attack Wholly Failed
However, the hacker could not achieve his goal. Spagni terms the attacker’s attempts as incompetent” and “clumsy.” He added that the attacker failed in his attempt to exploit any of Monero’s on-chain privacy features, which includes shielded transactions.
According to Spagni, although the attacker’s attempt failed, the attack was carried out in an unusual manner. He thinks similar attacks could be attempted on many digital currencies and privacy coins.
Recommendation for Monero (XMR) Users’ Protection
In order to avoid becoming a victim of such attacks, the project developer advised Monero (XMR) users to broadcast their transactions via Tor or i2p. The blacklist of addresses related to the attacker has been released by Monero, which is expected to mitigate future risks.
According to the report, only Monero users that are running a full node were the targets of the anonymous attacker. Users who are using a light wallet were not affected.
A Surveillance Company Likely Carried Out the Attack
The person behind the attack cannot be ascertained at the time of writing, but there is a possibility that the attack was perpetrated by a surveillance company.
It can be recalled that the United States government has, a few weeks ago, contracted two analytics firms in a bid to breach the privacy of the Monero network. So, it’s likely that one of the two firms was responsible for the attempted attack.