luigi1111 discloses critical breach: 'CCS Wallet was drained of 2,675.73 XMR'

Monero Core Team member luigi1111¹ has reported² a serious incident that occurred on September 1st 2023 and which resulted in the loss of 2,675.73 XMR from the main CCS wallet³:

The CCS Wallet was drained of 2,675.73 XMR (the entire balance) [..] The hot wallet, used for payments to contributors, is untouched; its balance is ~244 XMR. We have thus far not been able to ascertain the source of the breach. [..] How do we achieve CCS continuity for existing contributors? Core team is in favor of covering existing liabilities from the General Fund.

Join #monero-community⁴ discussions and consult -meta issue #916² to learn more about the issue.

This is an ongoing story and the report will be updated when new information is available.

Update 23/11/3: the GF will be used to cover the loss, according to plowsof’s -site PR #2208⁵; completed proposals should start receiving payments today, per luigi’s comment⁶; added address of compromised wallet for reference³.

Update 23/11/4: ‘Postmortem of Monero CCS Hack: A Transaction Graph Analysis’ report published by Moonstone Research⁷.

Update 23/11/19: core/Seraphis dev proposals in the ideas stage will be funded (probably from GF)⁸.

Update 23/12/06: the GF wallet received an anonymous donation of 2696.73 XMR⁹.

Update 23/12/20: luigi1111 provided the disk image for the drive and the memory dump for the ubuntu server to HackerIndustrial for ‘forensics work’¹⁰.

Update 23/12/22: luigi1111 created a new temporary CCS wallet¹¹.