Monero has disclosed multiple vulnerabilities on its platform, and as a result, the Altex exchange is temporarily suspending its trading service following the discovery that the bug had led to large losses for users of the small exchange.
Monero participates in the HackerOne bug bounty program, wherein white hat hackers can be paid for discovering security vulnerabilities in participating technology companies.
Yesterday, one such hacker announced that they had discovered a vulnerability in Monero’s wallet platform which allowed attackers to manipulate displayed exchange data to misrepresent withdrawals and thereby steal from exchanges which traded on Monero.
One such exchange is Altex, who announced that they have suspended trading on their exchange following a review which concluded that a large amount of theft had come from exploiting the bug, which has now been fixed.
Because Altex is a small exchange, they did not have enough developers to quickly address the vulnerabilities that Monero presented, even though there was no actual problem with the exchange code. This is something of an object lesson for crypto traders- with so many moving parts involved in trading crypto (different exchanges, coins, and wallets), there is a variety of potential points of attack for hackers. With the crypto ecosystem increasingly diversified, it is increasingly difficult for all of the decentralized and numerous crypto platforms to be able to fully ensure their security, and to quickly move to respond to vulnerabilities.