Developers behind the privacy-focused cryptocurrency Beam have revealed that the "critical" bug discovered in their wallet software last week could have put user funds directly at risk.
As stated in a Medium post published today, the vulnerability would have allowed an attacker to create “modified transactions” and subsequently send funds directly into the attacker's wallet.
In an exclusive interview with CoinDesk, Beam CTO Alex Romanov explained that by leveraging Beam’s Secure Bulletin Board (SBBS) system – a custom-built system to enable offline encrypted messaging between Beam wallets – attackers “currently listening in on active SBBS addresses … would be able to cause these wallets to send money to an attacker.”