Trêvoid (OP)
Copper Member
Hero Member
Activity: 546
Merit: 631
trevoid.com █ No KYC / AML
|
On June 8, 2026, OpenMonero's main server was compromised by an attacker who gained root access through a local privilege escalation process. Approximately **200 XMR** was stolen, and the operator confirmed that all funds have been lost. This incident marks a recurrence, indicating that the platform has been "hacked again," rather than experiencing a breach for the first time.  |
|
|
|
TryNinja
Legendary
Activity: 3612
Merit: 10577
@ List of no-KYC websites: https://bitlist.co
|
 |
June 10, 2026, 08:56:26 PM |
|
Isn't this like the second or third time they have been hacked?  |
|
|
|
Charles-Tim
Legendary
Activity: 2324
Merit: 6416
Leading Crypto Sports Betting & Casino Platform
|
|
June 10, 2026, 09:04:37 PM |
|
Isn't this like the second or third time they have been hacked? Seriously? I have not heard of any hack about Openmonero before, only what I know about the platform is that it is decentralized. Maybe the hacks were of little amount of money like this one because if 200 monero was stolen, that is still less than $70000. This has been the lowest that I have read about before. |
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
logfiles
Copper Member
Legendary
Activity: 2758
Merit: 2329
|
|
June 10, 2026, 09:22:34 PM |
|
Well, well... Why am I not surprised After the past sagas and hack stories. I don't think anyone serious would believe anything they say or even use the platform. Personally I am never going to use it. This is the reference to my first negative tag on their forum account - https://bitlist.co/topic/5522702Isn't this like the second or third time they have been hacked? it would appear it's the second time - https://bitcointalk.org/index.php?topic=5546081.0Seriously? I have not heard of any hack about Openmonero before, only what I know about the platform is that it is decentralized.
The claim whey were hacked according to this thread |
|
DΞX.fo | | | | | | ▄▄██████
█████████
██████████
██████████
██████████
█████████
▀▀██████
▄███████
▄██████████
████████████
█████████████
█████████████ | | | | ▄▄█
▄████▀
▄███▀█▄
▄██▀█▄██
█████▀▀█
████████
████████
▀██▄████
▄████▄▄█
▄█████▀███
▄█████▀████▀
█████▀███████
▀██▀█████████ | | | | | BTC XMR
DAI LTC
Fees 0.8% |
|
|
|
Zwei
Legendary
Activity: 2072
Merit: 1232
Trêvoid █ No KYC-AML Crypto Swaps
|
|
June 10, 2026, 11:20:55 PM |
|
Well, well... Why am I not surprised
After the past sagas and hack stories. I don't think anyone serious would believe anything they say or even use the platform.
the "hacker" blew thru all the funds they got the first time, and came back for more  i'm surprised anyone kept using them after the first hack. like why would anyone still use OpenMonero after what happened last year is beyond me. |
|
|
|
NotATether
Legendary
Activity: 2380
Merit: 9830
┻┻ ︵㇏(°□°㇏)
|
|
June 11, 2026, 09:22:07 AM |
|
Isn't this like the second or third time they have been hacked? So our red tags were accurate then. The claim whey were hacked according to this threadAnd then he made a big stink on here about DT members ruining his site's reputation... when as it turned out, the platform simply wasn't secure enough. On June 8, 2026, OpenMonero's main server was compromised by an attacker who gained root access through a local privilege escalation process.
This part is interesting. I wonder if it was some zero-day, or if he simply did not update the server regularly for security patches. |
|
|
|
Trêvoid (OP)
Copper Member
Hero Member
Activity: 546
Merit: 631
trevoid.com █ No KYC / AML
|
|
June 11, 2026, 09:29:01 AM |
|
Isn't this like the second or third time they have been hacked? So our red tags were accurate then. The claim whey were hacked according to this threadAnd then he made a big stink on here about DT members ruining his site's reputation... when as it turned out, the platform simply wasn't secure enough. On June 8, 2026, OpenMonero's main server was compromised by an attacker who gained root access through a local privilege escalation process.
This part is interesting. I wonder if it was some zero-day, or if he simply did not update the server regularly for security patches.  evidence provided shows a failure in server hygiene (patch management) rather than an advanced zero-day attack. By not regularly updating the Linux kernel, the server remained vulnerable to well-documented exploits that allow a standard user to elevate their privileges to root. And then he made a big stink on here about DT members ruining his site's reputation... when as it turned out, the platform simply wasn't secure enough.
i believe that person mentally unwell. After I exposed them, they became furious and started publicly making false scam accusations against me on multiple platforms (Dread, here, kycnot.me, and others). Further, there’s no real evidence for this but i feel OP caused a DDoS attack against kycnot.me. This is how I feel about what happened. |
|
|
|
dkbit98
Legendary
Activity: 3010
Merit: 8734
AntiSwap.io - NO AML/KYC EXCHANGER MONITORING
|
|
June 11, 2026, 02:19:56 PM |
|
I remember OpenMonero guy was once active in bitcointalk forum and he claimed they are very secure. He also criticized all other alternative exchanges calling them inferior in every way. I don't know if 200 XMR was actually stolen, but I know hackers now sadly have boosted skills after AI release. |
|
|
|
|
|
[center][table][tr][td][font=Arial Black][size=24pt][glow=#222,1][nbsp][url=https://en.antiswap.io/?utm_source=bitcointalk_s3][size=5pt][sup][size=21pt][b][color=#03adfd]🛡[/b][/sup][/size][size=13pt][nbsp][/size][size=5pt][sup][size=18pt][color=#fff]Anti[color=#3b82f6]Swap[/sup][/size][nbsp][nbsp][size=14pt][sup][size=8pt][i][color=#fff]NO[nbsp]AML/KYC—EXCHANGER[nbsp]MONITORING[/sup][/size][nbsp][nbsp][size=6pt][sup][size=16pt][glow=#03adfd,1][nbsp][font=Impact][color=#fff]900+[/font][nbsp][/glow][/size][/sup][/size][size=6pt][sup][size=16pt][glow=#3b82f6,1][nbsp][size=8pt][sup][size=8pt][color=#fff]EXCHANGERS[/size][/sup][/size][nbsp][/glow][/size][/sup][/size][/url][nbsp][nbsp][font=Arial][b][size=14pt][sup][size=8pt][url=https://bitcointalk.org/index.php?topic=5568680.msg66184227#msg66184227][color=#fff]BITCOINTALK[/url][/size][/sup][/size][/font][nbsp][size=9pt][sup][size=18pt][color=#3b82f6]│[/size][/sup][/size][nbsp][font=Arial][b][size=14pt][sup][size=8pt][url=https://t.me/+qGCCD6ncnctiZTli][color=#fff]TELEGRAM[/url][/size][/sup][/size][/font][nbsp][nbsp][/td][/tr][/table][/center] |
|
|
Trêvoid (OP)
Copper Member
Hero Member
Activity: 546
Merit: 631
trevoid.com █ No KYC / AML
|
|
June 11, 2026, 03:57:43 PM |
|
I remember OpenMonero guy was once active in bitcointalk forum and he claimed they are very secure. He also criticized all other alternative exchanges calling them inferior in every way. I don't know if 200 XMR was actually stolen, but I know hackers now sadly have boosted skills after AI release. He was attacking both of us and making false claims I shouldn't have wasted my time replying to him.  |
|
|
|
dkbit98
Legendary
Activity: 3010
Merit: 8734
AntiSwap.io - NO AML/KYC EXCHANGER MONITORING
|
|
June 15, 2026, 05:31:13 PM |
|
He was attacking both of us and making false claims I shouldn't have wasted my time replying to him. I vaguely remember he was doing something like that, but it's not easy to follow what all nutcases are doing in this forum in their free time. Anyway, I never used his exchange service and I never lost anything, so I think I did well after all |
|
|
|
|
|
[center][table][tr][td][font=Arial Black][size=24pt][glow=#222,1][nbsp][url=https://en.antiswap.io/?utm_source=bitcointalk_s3][size=5pt][sup][size=21pt][b][color=#03adfd]🛡[/b][/sup][/size][size=13pt][nbsp][/size][size=5pt][sup][size=18pt][color=#fff]Anti[color=#3b82f6]Swap[/sup][/size][nbsp][nbsp][size=14pt][sup][size=8pt][i][color=#fff]NO[nbsp]AML/KYC—EXCHANGER[nbsp]MONITORING[/sup][/size][nbsp][nbsp][size=6pt][sup][size=16pt][glow=#03adfd,1][nbsp][font=Impact][color=#fff]900+[/font][nbsp][/glow][/size][/sup][/size][size=6pt][sup][size=16pt][glow=#3b82f6,1][nbsp][size=8pt][sup][size=8pt][color=#fff]EXCHANGERS[/size][/sup][/size][nbsp][/glow][/size][/sup][/size][/url][nbsp][nbsp][font=Arial][b][size=14pt][sup][size=8pt][url=https://bitcointalk.org/index.php?topic=5568680.msg66184227#msg66184227][color=#fff]BITCOINTALK[/url][/size][/sup][/size][/font][nbsp][size=9pt][sup][size=18pt][color=#3b82f6]│[/size][/sup][/size][nbsp][font=Arial][b][size=14pt][sup][size=8pt][url=https://t.me/+qGCCD6ncnctiZTli][color=#fff]TELEGRAM[/url][/size][/sup][/size][/font][nbsp][nbsp][/td][/tr][/table][/center] |
|
|
|
coupable
|
|
June 15, 2026, 08:42:29 PM |
|
Isn't this like the second or third time they have been hacked? Seriously? I have not heard of any hack about Openmonero before, only what I know about the platform is that it is decentralized. Maybe the hacks were of little amount of money like this one because if 200 monero was stolen, that is still less than $70000. This has been the lowest that I have read about before. The operator confirmed that all funds have been lost. Does this mean that 200 monero represents the full amount of liquidity on the platform? Considering that Monero maintains a robust global liquidity of about $150 to $300 million in daily volume accross exchangers. Note that the Ethereum DeFi protocol Ambient Finance, formerly known as CrocSwap, suffered an 84 ETH (more than $110K) drain due to a smart-contract vulnerability [1] on the same date, June 8th. [1] https://www.cryptotimes.io/2026/06/08/ethereum-defi-protocol-ambient-finance-suffers-110k-drain/ |
|
|
|
instantexchange.i2p
Copper Member
Newbie
Activity: 6
Merit: 0
|
|
June 18, 2026, 01:12:37 PM |
|
Wow... From a technical perspective there are things they're saying that they're not saying. The way they framed the kernel as being the culprit or source leads to other thoughts... For example are they on a VPS? I would likely say yes because the finger pointing they're trying to do leans this way. It is not exactly brain-dead simple to harden a linux environment but, it's very difficult to ensure proper security on a VPS unless you are in charge of the host machine running that guest instance as it's known. We have seen VPS operators steal funds and it's very easy for them especially when you start analyzing further security implications on a VPS like being unable to encrypt the entire instance yourself because they spin up an instance themselves "for you". We can go on but, that's just one thought you can take away from this.... IF what they claim is true.
Our site is fully hosted on our own equipment that we setup at the datacenter, even if they took the server they couldn't get in to it.
|
░█░█░▀█▀░▀█▀░█▀█░░░░░░░█░░░█░▀█▀░█▀█░█▀▀░▀█▀░█▀█░█▀█░▀█▀░█▀▀░█░█░█▀▀░█░█░█▀█░█▀█░█▀▀░█▀▀░░░░▀█▀░▀▀▄░█▀█░░░░█░░░░█▀▄░▀█▀░█▀▀░░░░▄▀░░░░░▀▄░░░░█░█░█▄█░█▀▄░░█▀▀░█░█░█▀█░█▀█░█▀▀░░░░█░░░░█▀█░█▀█░░░█░█░█░█░█▀▀░
░█▀█░░█░░░█░░█▀▀░░▀░░▄▀░░▄▀░░░█░░█░█░▀▀█░░█░░█▀█░█░█░░█░░█▀▀░▄▀▄░█░░░█▀█░█▀█░█░█░█░█░█▀▀░░░░░█░░▄▀░░█▀▀░░░░█░░░░█▀▄░░█░░█░░░░░▀▄░░▄▄▄░░▄▀░░░▄▀▄░█░█░█▀▄░░▀▀█░█▄█░█▀█░█▀▀░▀▀█░░░░█░░░░█░█░█░█░░░█▀▄░░█░░█░░░
░▀░▀░░▀░░░▀░░▀░░░░▀░░▀░░░▀░░░▀▀▀░▀░▀░▀▀▀░░▀░░▀░▀░▀░▀░░▀░░▀▀▀░▀░▀░▀▀▀░▀░▀░▀░▀░▀░▀░▀▀▀░▀▀▀░▀░░▀▀▀░▀▀▀░▀░░░░░░▀░░░░▀▀░░░▀░░▀▀▀░░░░░▀░░░░░▀░░░░░▀░▀░▀░▀░▀░▀░░▀▀▀░▀░▀░▀░▀░▀░░░▀▀▀░░░░▀░░░░▀░▀░▀▀▀░░░▀░▀░░▀░░▀▀▀░ |
|
|
yhiaali3
Legendary
Activity: 2478
Merit: 2635
|
|
June 18, 2026, 05:52:38 PM |
|
Although I am not a big expert on such platforms, But from my limited experience I believe that the platform owner made a series of mistakes, the first and biggest of which was running monerod on the same server as the interface. This means that monerod was running on the same server that contained the private keys, the database, and even the interface and system files. This is a fatal mistake because any small vulnerability in monerod or the system means direct access to everything. He should at least have monerod on a separate server, but it seems he just wanted to save some money.  |
|
|
|
logfiles
Copper Member
Legendary
Activity: 2758
Merit: 2329
|
|
June 19, 2026, 10:58:41 AM
Last edit: June 19, 2026, 08:21:44 PM by logfiles |
|
<...>
They tried using shortcut from the word go. In the now deleted thread, the red flags were there right from the word go - OpenMonero is the REAL domain for a new LocalMonero groupBasically trying to ride on the previous success of localmonero/Agoradesk who had honorably bowed out of business. A contact with the localmonero representative revealed that they didn't approve of such behaviors and warned people about using openmonero. |
|
DΞX.fo | | | | | | ▄▄██████
█████████
██████████
██████████
██████████
█████████
▀▀██████
▄███████
▄██████████
████████████
█████████████
█████████████ | | | | ▄▄█
▄████▀
▄███▀█▄
▄██▀█▄██
█████▀▀█
████████
████████
▀██▄████
▄████▄▄█
▄█████▀███
▄█████▀████▀
█████▀███████
▀██▀█████████ | | | | | BTC XMR
DAI LTC
Fees 0.8% |
|
|
|
OpenMonero
Jr. Member
Activity: 56
Merit: 4
|
|
June 25, 2026, 08:46:15 PM |
|
We have seen VPS operators steal funds and it's very easy for them especially when you start analyzing further security implications on a VPS like being unable to encrypt the entire instance yourself because they spin up an instance themselves "for you".
Honestly, better to get hacked now and fix things than risk getting hacked later without even knowing. I take responsibility for the old setup. I was hosting everything on one server. But that's changed, the frontend now runs on its own server, and the backend is on a different one, with a different hosting provider. That way, if something happens again, it minimizes the damage. We were down for almost 2 weeks due to an issue with the hosting providers dashboard (alexhost). All my top vendors got refunded yesterday, and the rest should be done in 2 - 4 months. OM is here to stay for at least 15 years. I think it takes around 2 years to really build solid security for a darkFI project like this. |
|
|
|
|
OpenMonero
Jr. Member
Activity: 56
Merit: 4
|
|
June 25, 2026, 08:48:31 PM
Last edit: June 25, 2026, 10:04:54 PM by OpenMonero |
|
They tried using shortcut from the word go. In the now deleted thread, the red flags were there right from the word go - OpenMonero is the REAL domain for a new LocalMonero groupBasically trying to ride on the previous success of localmonero/Agoradesk who had honorably bowed out of business. A contact with the localmonero representative revealed that they didn't approve of such behaviors and warned people about using openmonero. I have told you many times before, Openmonero is a distinct project and I don't need approval to use their open source code. Why else would you make a code open source. Its because you want to share the code, design, style, etc. Why the fuck do I need approval. Sorry, but you are a pretty ignorant person and a spammer as well. You post the same nonsense again and again. I have left a negative trust entry in your profile. Moreover, localmonero nulled the all the text from localbitcoins.com and not giving any credits at all but you don't care for some reason. I mean how can u rip something if its already ripped? At least, I am honoring the LM project event though they deserve shit. Go to openmonero.com, scroll down (to footer) and read the following credits: This project was inspired by Agoradesk.com (agoradesk-app-foss). While the codebase has been entirely rewritten, certain text elements and CSS styles were adapted from the original work. We appreciate the contributions of the original authors and the open-source community that made this project possible. |
|
|
|
|
OpenMonero
Jr. Member
Activity: 56
Merit: 4
|
|
June 25, 2026, 08:56:32 PM |
|
Isn't this like the second or third time they have been hacked? Seriously? I have not heard of any hack about Openmonero before, only what I know about the platform is that it is decentralized. Maybe the hacks were of little amount of money like this one because if 200 monero was stolen, that is still less than $70000. This has been the lowest that I have read about before. The operator confirmed that all funds have been lost. Does this mean that 200 monero represents the full amount of liquidity on the platform? Considering that Monero maintains a robust global liquidity of about $150 to $300 million in daily volume accross exchangers. Note that the Ethereum DeFi protocol Ambient Finance, formerly known as CrocSwap, suffered an 84 ETH (more than $110K) drain due to a smart-contract vulnerability [1] on the same date, June 8th. [1] https://www.cryptotimes.io/2026/06/08/ethereum-defi-protocol-ambient-finance-suffers-110k-drain/I have built openmonero.com in such a way to be against exit scams, but it can only work with low liquidity but big volume. Self-custodial trade funding esures that there is never a big amount of honey in the pot. It really is about timing and making sure that your funds are only at risk for a very short period of time. I knew OM would be hacked sooner or later and I wanted to be able to refund all my users, which is exactly what I did. See self-custodial trade funding in my FAQ: http://cegtyerm55uadttx5ayaptwgk4anwlqilx56fvn4iyxjghdewhzc6qqd.onion/faq#self-custodial-trading-funding |
|
|
|
|
OpenMonero
Jr. Member
Activity: 56
Merit: 4
|
|
June 25, 2026, 09:08:06 PM |
|
This part is interesting. I wonder if it was some zero-day, or if he simply did not update the server regularly for security patches.
It was a vulnerability in the dashboard of the hosting provider (alexhost.com). See screenshot from support ticket: https://t.me/p2p_monero_talk/7285You can even read on trustpilot.com that all alexhost servers were down on the exact day when OM wallet got drained. Someone had direct root access via VNC. The rest is history. |
|
|
|
|
OpenMonero
Jr. Member
Activity: 56
Merit: 4
|
|
June 25, 2026, 09:16:03 PM |
|
Well, well... Why am I not surprised
After the past sagas and hack stories. I don't think anyone serious would believe anything they say or even use the platform. Personally I am never going to use it.
You don't seem to understand that openmonero.com is the biggest p2p platform with monero as the base currency. Ppl need to understand that. Its because of the user experience, the support and the refund program. You can hack it 10 times, it will always come back, but stronger than before. The project is fully back up and running now. I ve switched the servers around, reset the onion address, environment variables, and backup codes to make everything more secure. We ve also done a pretty big redesign, adding full wallet isolation from the frontend, and the backend IP is now hidden too. 90 XMR were refunded just yesterday. |
|
|
|
|
|
