IOTA Trinity Wallet Vulnerability Reported, $1.6 Million Stolen

The IOTA team has halted the coordinator and are currently investigating reports of a possible vulnerability in its Trinity wallet. The team has recommended that nobody open Trinity until further notice while they investigate the incident.

Trinity wallet App, may have been compromised

IOTA, a blockchain project aimed at solving integration with the Internet of Things (IOT), has been either attacked or a vulnerability has been exploited in the Trinity wallet app. The foundation has recommended that users do not open Trinity, until they have found the cause of the exploit.

Trinity is a wallet that’s available for Mobile, Windows, and MacOS, so a wide variety of users could potentially be affected, however early reports have only tallied 10 victims. Half of the reported victims are in  communication with the IOTA team.

The details regarding the incident are thin at the moment, but we do know that evidence is pointing towards recovery seed theft. It is unknown at present how the seeds could have been stolen. So far, no mobile users have been affected, only one Mac user has been affected and the rest of the victims were Windows Trinity users.

The IOTA foundation is still investigating the reports, and will be releasing a full summary once they conclude the investigation. They cannot rule out other causes at this time.

PrimeXBT - BTC leverage trading. Altcoins, forex, CPD!

trin down - IOTA Trinity Wallet Vulnerability Reported, $1.6 Million Stolen - 1

If you have been affected, the team urges you to reach out via their Discord #help channel. They also have an official page with updates of the current investigation, here.

IOTA has had security issues in the past

IOTA’s wallets have had security vulnerabilities in the past. Early implementations of IOTA’s wallet were reported to be unstable, and caused tokens to be lost or sent to incorrect addresses. Many early users had complaints, and the team responded by making a series of improvements to the wallet.

In another incident with a major security vulnerability, IOTA employed a self-rolled hash function which was criticized by a team of MIT researchers. The IOTA team denied the vulnerabilities found by the MIT team, and a flaming war ensued on social media.

IOTA corrected the cryptographic vulnerability shortly after, but it was commented on by independent cryptographic researchers. IOTA insisted MIT misrepresented the risks, as well as their findings.

In another incident with a malicious actor, a British hacker stole over $11 million in IOTA tokens and was apprehended by law enforcement. The IOTA foundation was able to recover almost all of the stolen funds, but still suffered a reputational hit on security vulnerabilities.

What do you make of the latest IOTA theft? Add your thoughts below!

Images via Shutterstock, Twitter @00xou

[Source] Author: Ricardo Martinez

Default image
These posts are syndicated from Founded in 2013, Bitcoinist has quickly grown to become the prime source for the latest information about Bitcoin, digital currency and blockchain technology. Bitcoinist is now visited by over 2 million readers each month thanks to one of the most reliable teams in the space, consisting of three experienced editors and over a dozen writers. From business news and technical price analysis to community events, Bitcoinist provides valuable insight in its wide coverage of the entire cryptocurrency industry.