According to Cointelegraph, Monero's community crowdfunding wallet was recently attacked, resulting in the loss of its entire balance of 2,675.73 Monero (XMR), worth nearly $460,000. The incident occurred on September 1 but was only disclosed on GitHub on November 2 by Monero's developer Luigi. The source of the breach has not yet been identified.
Monero's Community Crowdfunding System (CCS) funds development proposals from its members. The attack is particularly concerning as it affects funds that contributors may rely on for essential expenses. Monero's developer Ricardo 'Fluffypony' Spagni noted in the thread that the attack is 'unconscionable.' Luigi and Spagni were the only two people who had access to the wallet seed phrase.
The breach could have originated from the wallet keys being available online on the Ubuntu server, according to other developers. Pseudonymous developer Marcovelon suggested that Luigi's Windows machine may have been part of an undetected botnet, leading to the attack. Monero's core team is now calling for the General Fund to cover its current liabilities.
