Replying to Avatar Super Testnet

"send XMR to address"

that's what these folks did, and they got arrested:

The finnish guy: https://cointelegraph.com/news/finnish-authorities-traced-monero-vastaamo-hack

The 18 japanese people: https://cointelegraph.com/news/monero-transactions-japanese-authorities-arrest-18-scammers

"Just sending xmr to an address" is also bad advice when the most popular monero wallets (cake wallet and monerujo) are known to have been unwittingly giving a list of nearly all their users' xmr transactions plus your ip address to Chainalysis: https://www.digilol.net/blog/chainanalysis-malicious-xmr.html

It is very easy to leak your personal info, especially your ip address, so do not "just send XMR to address" -- even the Monero website warns against this stupid "just use xmr" meme:

https://www.getmonero.org/get-started/faq/#anchor-magic

Avatar
Hanshan 11mo ago

Also for the reader

This guy has no way of knowing how many IP addresses chain analysis was able to get (if any) as a result of the Moneroworld reverse proxy malicious nodes.

To sum up:

CA is running malicious nodes.

They had succeeded in compromising and redirecting DNS records of a trusted but poorly maintained service to point to them. The above wallets listed those some of thiser nodes as options in their default node list.

Users sending a tx through those malicious nodes had the true input (a stealth address) to their transaction identified. And if they weren't connecting through a proxy their IP address.

Obviously less information then what would be leaked if you were connecting to a malicious Bitcoin node.

heres the video where CA breaks down the data. its good to be aware of the dangers and see their capabilities.

which are frankly minimal.

just use a proxy and connect to a trusted node.

https://v.nostr.build/D4Nzp22vRF35IRnz.mp4

Reply to this note

Please Login to reply.

Discussion

No replies yet.