My first comment here I couldn’t get my post to submit on reddit (don’t like Tor IP?)
I was browsing X on my phone searching for monero tags to catch up on news and it popped up on my feed no likes no shares. Real or fake? Wth is this antidarknet stuff? Something monero developers should be informed about or nah? anyone tried it?
I couldn’t submit to archive.org the link here’s what it said
Monero 0-day. The Black Marble Attack. How we did it
https://antidark.net/board/viewtopic.php?t=10
#monero #darknet #darkweb #moretocome
??
TLDR; The attacker is trolling or very ignorant or law enforcement.
The attacker;
- doesn’t know;
- DoS’ing isn’t 0day and bug
- Dynamic block size
- CIA drug trafficking allegations (which is different from drug selling)
- Corrupt government structures (such as fiat money and others)
- Pharmacies also sell hard drugs
- calls “donation” to collateral damage
- thinks they’re “saving” our children
- complains official wallet is so slow when 200k sub-accounts used
- didn’t prove they really made the attack
The attacker; doesn’t know; DoS’ing isn’t 0day and bug -- **There is indeed a bug and it has been classified as such by the monero dev team. I'm talking about the fee selection bug that was fixed in the last wallet release. Whether it's 0day or not that's semantics. As it was pointed out on another board this same type of attack was first spotted in 2020 and as I explained there example PDF rendering vulnerabilities exist so when a new vulnerability is found and not reported it is a 0day. Same analogy. Whether you believe it is "0day" or not is irrelevant. No where does it describe how to do the "Black Marble" attack, we described it first.** Dynamic block size -- **Do your own research before talking? No? Read the comments here https://www.reddit.com/r/Monero/comments/1ebshvh/we_now_know_who_was_behind_the_recent_spam_attack/ then look at the analysis of the attack. There are ways to bypass it we're not as ignorant as yourself. ** CIA drug trafficking allegations (which is different from drug selling) -- **Okay? They sell drugs so we selling drugs is okay they kill we kill no problem logic? Hello 14th century.** Corrupt government structures (such as fiat money and others) -- **Relevancy? Trash talk.** Pharmacies also sell hard drugs -- **More nonsense non-related trash talk.** calls “donation” to collateral damage -- **Who was the collateral damage? Darknet market admins? Poor them they only got away with hundreds of thousands when they exited and left their customers and vendors out to dry.** thinks they’re “saving” our children -- **Better than doing nothing? What are YOU doing for that then?** complains official wallet is so slow when 200k sub-accounts used -- **Using the RPC it is slow and it shouldn't be. Imagine, I know imagination in your simpleton mind not possible but try hard for us here, you run an exchange. You have 10,000 making exchanges every day. 1000 of them use Monero in either direction. 1000 x 30 days that's 30,000 subaccounts for a month. In 3-4 months that wallet will be clogged up and won't be working correctly. And then you cry when shops or other places don't accept Monero. If it can't deal with high volume is it enterprise-ready? Basic logic says no.** didn’t prove they really made the attack -- **Take a look at the post once again. Try it out yourself. Post back the results. Really simple for the smoothest of brains to understand.**
Now that I’ve proven you’ve got no idea what you’re talking about, try again and this time try to use the thing between your ears.
This settles my limit for answering questions with hardened stupidity level for today.
- doesn’t know;
Am I reading this wrong, or did they just spend 30 grand to cause a temporary denial of service and call it a 0-day?
Partially. For the Monero blockchain itself this is basically it but the spam also enabled them to withdraw funds ($300k) from darknet markets multiple times in a row, since their withdrawal systems didn’t account for transactions being this delayed.
Which is undoubtedly an exploit, but it seems to be one in the exchange rather than one in Monero. Still a massive bug though, and I hate to say this but I kind of agree that any exchange that lets you do that shouldn’t be in business
Well, many of the exploited ones are already gone.
Its totally chill brah, hodl
We’re adding a clarification topic with answers to comments since Reddit has censored almost all of our responses.
You can read it here https://antidark.net/board/viewtopic.php?t=15
Someone please link to the github issue. That will be elucidating for all