The hacking incident occurred on September 1, but Luigi, the developer of Monero, did not publicly disclose the incident at the time.

The CCS wallet was initially installed in 2020 on a computer running the Ubuntu operating system and configured with a Monero node.

The Monero community crowdfunding wallet was attacked and the amount stolen was 2,675.73 Monero (XMR), worth approximately $460,000 at the time. The hack occurred on September 1. However, Monero developer Luigi did not publicly disclose the incident on GitHub until November 2. Additionally, he noted that the specific source of the breach has yet to be determined.

Monero’s Community Crowdfunding System (CCS) is designed to provide financial support for members’ development plans. For Monero developer Ricardo Spagni, the attack was unfair because the stolen Monero could have been used by contributors to pay for basic living expenses, such as rent or food.

nine separate transactions

Only Luigi and Spagni know the mnemonic phrase of the CCS wallet. According to Luigi’s article, the CCS wallet was installed in 2020 on a computer running the Ubuntu operating system, which was also configured with a Monero node.

Since 2017, Luigi has been donating money to Monero community members using a hot wallet on his desktop computer running the Windows 10 Pro operating system. The CCS wallet provides financial support to this hot wallet when needed. However, by September 1, 2023, the CCS wallet was emptied in 9 separate transactions. Monero’s development team has proposed using a general fund to cover unpaid debts.

Spany said:

“It is entirely possible that this is related to the attacks we have had since April, as these have included various compromised keys such as Bitcoin wallet.dat files, various hardware and software generated seeds, Ethereum pre-existing Selling wallets, etc., including XMR that has been emptied."

Other developers have speculated that the vulnerability may stem from a wallet key on the Ubuntu server that may be publicly accessible.