Monero, the privacy centered coin released a security warning via r/Monero subreddit about a possible compromise in its CLI binaries system.
The message was posted by one of the Monero core team members which mentioned that they came to know about the issue when some of the users reported a mismatch in the hash of the CLI binaries they downloaded.
#Monero Security Warning:
— Monero || #xmr (@monero) November 19, 2019
When the core team looked into the issue, it turned out that the box was CLI binary box that was indeed tampered with. The post addressed the issue saying,
“It appears the box has been indeed compromised and different CLI binaries served for 35 minutes. Downloads are now served from a safe fallback source. Always check the integrity of the binaries you download!”
The post went on to ask other users to check their downloaded binary in the last 24-hours to check the integrity of the downloaded files and whether it matches with the listed hash. If the hash does not match, users were requested to avoid running it.
Those who have already run the file without checking for a mismatch, the post requested them to transfer all their funds from the compromised wallet using the safe version of the Monero wallet.