Now they updated warning posted on their site
(All funds (72 xmr) have been stolen in a hack on 6/6/2025)
They apparently removed everything now, I can't see any warning messages on their website, as if this alleged hacking event never happened.
What is more concerning to me is that OpenMonero never publicly explained what happened in forum or in social media, not that I aware off.
Warning is gone now. I've been watching OpenMonero for quite some time now, and honestly, whoever's running it doesn't seem to really know what they're doing. But from what I can tell, what they've done definitely look like an exit scam. And now they continue as nothing happened.
https://talkimg.com/images/2025/06/18/UudsDc.pngAfter giving it some thought, I really think the hosting provider might have stolen the funds. It felt like a sneaky trap offering affordable cloud servers with impressive performance, only to potentially facilitate malicious activity.
Sure, linking the monero-wallet-rpc to 0.0.0.0 was a big mistake, but even then, an attacker would still need the RPC password to get to the funds. So, it probably wasn't just that misconfiguration that caused the breach.
Plus, all logs in /var/log/wtmp have misteriosly been truncated, suggesting someone gained direct access to the node server, stole the funds and deleted the ssh logs, maybe even the hosting provider themselves, or someone who knew exactly what they were doing.
No security is perfect, but all signs point to the hosting provider being the real culprit behind this mess
