1 thought on “Postmortem of Monero CCS Hack: A Transaction Graph Analysis”
So if I understand correctly, there is prior knowledge of which transactions and thus enotes are initially controlled by the attacker.
They observe on block 2965193 that some transaction has a net of 17 input enotes and 11 output enotes. All 9 poisoned enotes are used in this transaction.
They deduce that this transaction is by the attacker, since the probability that the decoy selection algorithm would select all 9 of these enotes at once is incredibly low.
This reveals the true spends for some of the rings, but there are other rings where the true spend is unknown, potentially from another source?
They then look a bit further for where these enotes went, and identify 3 candidates for where they were swapped for a different cryptocurrency (which is likely bitcoin) using a counterparty (so some sort of exchange).
And they conclude that the reason there are so many output enotes is likely because the attacker was using Monerujo, which has a feature to maintain a minimum and maximum amount of usable enotes, which I assume is to remove the annoyance of lockout when you need to wait for your change to come back to you.
Is this a good way of interpreting what’s going on in this report?