March 29, 2024

IOTA Trinity wallet user funds stolen due to application vulnerability

The IOTA team is looking into reports of a possible vulnerability in its Trinity wallet that led to the theft of funds10 users. Currently, transactions in the network are temporarily suspended.

The IOTA blockchain project was attacked ormalicious exploitation of a vulnerability in the Trinity Wallet application. IOTA said it began receiving reports of funds being stolen from users on Wednesday and decided to take down the coordinator node on the network for further investigation. The developers recommend that users do not open the Trinity application until further notice.

IOTA Foundation studies the problem at an earlierversion of your wallet. The developers are also trying to analyze the scheme of hacker attacks and perform a manual check. According to the IOTA, “the first (but not all) exchanges responded to the request and reported that the monitored funds were not transferred or cashed.”

"Most evidence indicates theft“Seeds,” the reason for which is still unknown and is being studied by developers, ”the IOTA Foundation said. “It seems that all the victims (about 10 people who have contacted the IOTA Foundation at the moment) recently used Trinity.”

On the social network Twitter, IOTA reported thatis working with law enforcement and cybersecurity experts to investigate the coordinated attack that resulted in the theft of funds. The company has not disclosed the total amount of funds stolen, but Twitter user 00xou reports that approximately $1.6 million was stolen from 10 users. He also notes that the problem most likely occurred in the desktop version of the wallet.

The last update on the status of the IOTA investigation was made on February 13th at 11:45 pm. The message says:

“We are still exploring many possibleroot causes, including an exploit of the previous version of Trinity with all its dependent objects. We are working on the study of attacked “seeds” and analyzed the attack scheme using a set of recently created tools, and also completed a full manual check. In connection with the ongoing investigation, we will continue to stop the transaction of funds on the network. Please note that data transfer is not affected by this restriction. ”

Let's remember that in December, IOTA developers announced that they had fixed the glitch that suspended the main network, as well as released an updated version of the client for full nodes IRI v1.8.3.

</p></p>