![](https://monero.town/pictrs/image/7a39cc04-b40d-4aac-a842-c34d5242e52e.webp)
![](https://monero.town/pictrs/image/a5e4fa35-1fb9-41c5-a621-82531923d2fe.webp)
Well, many of the exploited ones are already gone.
Well, many of the exploited ones are already gone.
Partially. For the Monero blockchain itself this is basically it but the spam also enabled them to withdraw funds ($300k) from darknet markets multiple times in a row, since their withdrawal systems didn’t account for transactions being this delayed.
I was wrong, I didn’t consider that their attack could drain badly coded DNM wallets by double-spending withdraw transactions.
Yeah sorry, I had not considered draining market wallets as an option. Thanks for the pentest, it greatly pushed FCMPs and high-throughput research forward!
They made money through extortion, not by draining any wallets due to spam. There was spam and it did delay transactions for regular users due to existing wallet bugs that are now fixed. I can’t really comment on badly coded markets, I assume they somehow broke their payment systems because they didn’t account for long delays when receiving coins or also had the fee selection bug.
This attack highlighted several issues that have been addressed. The biggest issue was wallets not automatically raising the default fee which led to transactions getting stuck for hours. Without the bug, you would have paid 2 cents instead of 0.5 for a transaction and it would have been confirmed at regular speed.
The DDoS is still ongoing but we could disable the captcha without lemmy crashing 🫡
Oh I just put that there for the video 😆
wider attempt
For sure. Trocador, monerocom & haveno have also been hit. No idea why they would attack this tiny lemmy instance but I’ve learned a lot so I guess I should be grateful.
It’s still pretty broken on mobile and federation doesn’t work but it is a start :)
No reason to lose hope, I started this for ideological reasons and I won’t just stop now because of a DDoS.
Now that’s some pure fud.
The Reto fork made exclusively changes as required by the haveno setup guide, seems to me the source of this just wants to set up their own network.
Am stoned af
Cut the guy some slack, I can promise you that most people involved with Monero would never support ideas like “let’s create our own government”.
Running the latest, unmodified release from https://github.com/LemmyNet/lemmy
As you’ve already hinted at, that JS is most likely related to the PWA part of lemmy.
1 condition from my side: Don’t ever talk about what you are going to use the Monero for or where you’ve gotten it from, otherwise I’ll have to ban you from here.
12 upvotes, only 3 out of the downvotes come from this instance.
If there are many votes but the total is only -1 or 0 I mainly post these to show that there is more engagement than it seems.
The data is public anyways, just not shown by the default lemmy ui. I put it below posts that stick out to me but you’re right, this wasn’t a case of “downvote-because-crypto” and unnecessary.
Login with X, why did they collect emails beforehand 💀
A little off-topic but I guess proton called Monero a shitcoin so it’s a little tiny bit on topic ;)