**Rucknium** @[email protected] · Nov 02, 2023, 16:38

**Rucknium** @[email protected] · Nov 02, 2023, 16:38

Rucknium @[email protected]

Nov 02, 2023, 16:38

Rucknium @[email protected]

Almost entire balance (2675 XMR) of Community Crowdfunding System (CCS) Monero wallet has been stolen

https://monero.town/post/983106

**shortwavesurfer** @[email protected] · Nov 02, 2023, 17:51

**shortwavesurfer** @[email protected] · Nov 02, 2023, 17:51

Nov 02, 2023, 17:51

shortwavesurfer @[email protected]

FUUUUCK! will be very interested to see what is found that caused the breach.

**Uncle Iroh ☑️** @[email protected] · Nov 03, 2023, 02:20

**Uncle Iroh ☑️** @[email protected] · Nov 03, 2023, 02:20

Nov 03, 2023, 02:20

Uncle Iroh ☑️ @[email protected]

@shortwavesurfer @Rucknium

Seconded.

With only 2 known keyholders and likely 1 single person with physical access to the Qubes laptop, and where the whole key and wallet were probably stored in a standalone offline vault-vm, what the fuck happened?

**Uncle Iroh ☑️** @[email protected] · Nov 03, 2023, 02:28

**Uncle Iroh ☑️** @[email protected] · Nov 03, 2023, 02:28

Nov 03, 2023, 02:28

Uncle Iroh ☑️ @[email protected]

@shortwavesurfer @Rucknium

I see. They held the hot wallet on Windows fucking 10.

Unbelievable. Opsec? What's Opsec?

**Uncle Iroh ☑️** @[email protected] · 2023-11-03T02:36:24Z

Uncle Iroh ☑️ @[email protected]

@shortwavesurfer @Rucknium

As pointed out in the github thread by someone, the more useful opsec flow should have gone something like this.

And make the offline computer an offline vault-vm on a non-internet Qubes laptop .

166693f3381116c2.png

Nov 03, 2023, 02:36 · · · ·

Resources

Developers

What is Mastodon?

merovingian.club

More…