The IOTA team has halted the coordinator and are currently investigating reports of a possible vulnerability in its Trinity wallet. The team has recommended that nobody open Trinity until further notice while they investigate the incident.
Trinity wallet App, may have been compromised
IOTA, a blockchain project aimed at solving integration with the Internet of Things (IOT), has been either attacked or a vulnerability has been exploited in the Trinity wallet app. The foundation has recommended that users do not open Trinity, until they have found the cause of the exploit.
About $1.6 Million USD worth of #iota have been stolen from ~10 high-value accounts. Bug is likely in the (official) desktop wallet. Network completely stopped for nearly 24 hours now.#IOTAstrong just keeps on giving. pic.twitter.com/CMwyRRtYy0
— 00xou (@00xou) February 13, 2020
Trinity is a wallet that’s available for Mobile, Windows, and MacOS, so a wide variety of users could potentially be affected, however early reports have only tallied 10 victims. Half of the reported victims are in communication with the IOTA team.
The details regarding the incident are thin at the moment, but we do know that evidence is pointing towards recovery seed theft. It is unknown at present how the seeds could have been stolen. So far, no mobile users have been affected, only one Mac user has been affected and the rest of the victims were Windows Trinity users.
The IOTA foundation is still investigating the reports, and will be releasing a full summary once they conclude the investigation. They cannot rule out other causes at this time.
IOTA has had security issues in the past
IOTA’s wallets have had security vulnerabilities in the past. Early implementations of IOTA’s wallet were reported to be unstable, and caused tokens to be lost or sent to incorrect addresses. Many early users had complaints, and the team responded by making a series of improvements to