4 Nov 2023 | Updated 9 Nov 2023 [CCS]

Moonstone Research publishes 'Postmortem of Monero CCS Hack: A Transaction Graph Analysis' report

Justin Ehrenhofer1’s new2 blockchain analysis firm, Moonstone Research3 has published a report titled Postmortem of Monero CCS Hack: A Transaction Graph Analysis4 which shares the results of an ongoing investigation into the recent CCS Wallet incident5:

Most notably, we were able to reliably trace forward through three of the attacker’s transfers. This report shows the information that we have learned in the first 24 hours of our investigation. Our knowledge should improve over time. [..]

The blockchain analysis firm apparently used the compromised wallet’s private view key and the disclosed transaction IDs to conduct the investigation.

This is an ongoing story and the report will be updated when new information is available.

Update 23/11/7: luigi told Monero Observer that the private spend key was not shared with Moonstone Research; apparently the firm only used the view key, which was already publicly available, and the tx IDs included by luigi in the original incident report.

Update 23/11/9: Justin Ehrenhofer discussed the report in more detail in an interview with Monero Talk6.

  1. https://nitter.net/JEhrenhofer 

  2. https://libera.monerologs.net/monero-community/20231104#c298344 

  3. https://moonstoneresearch.com/ 

  4. https://moonstoneresearch.com/2023/11/03/Postmortem-of-Monero-CCS-Hack 

  5. /luigi-discloses-critical-ccs-wallet-breach/ 

  6. /monerotalk-articmine-jehrenhofer-interview-ccs-incident/