What’s happening in IOTA? Network suspended, background attack on Trinity’s wallet

According to a Twitter message, IOTA closed the network to deal with the attack on Trinity’s wallet.

There’s no telling how long it’ll take for the network to fail. When the IOTA first reported the attack (February 12th), it simply advised users not to open and use their Trinity wallet. The fact that the team is suddenly taking more drastic action may suggest that the problem may not be solved too quickly.

In addition to closing the network, IOTA is investigating the situation in collaboration with law enforcement and cyber security experts. It has also used KYC information to reach the victims.

Details of the attack

The effects of the attack actually affected only Trinity’s wallet. Its premiere took place in July 2019. The wallet was audited by two cyber security companies. Has the relatively short software life span caused researchers to overlook security gaps? The team suggested that early versions of Trinity could be blamed for the attack – although this has not yet been confirmed.

Of course, the IOTA revealed very little detail about the attack to prevent other attackers from doing the same exploit. So far, IOTA only suggested that attackers stole the seedy, which allows them to recover portfolios created by affected users.

The scale of the attack

As of yesterday, it was reported that about 1.6 million dollars’ worth of funds were stolen from about 10 rich IOTA wallets as a result of the attack.

These wallets are probably half of all users currently affected.

Interestingly, the zero-fee approach still allows for data transactions during network downtime, even if the financial dimension of the transaction remains unavailable.

Other controversies around IOTA

IOTA security has already been the subject of several discussions. The best known potential vulnerabilities in IOTA security became the subject of debate in 2018, when IOTA developers and the DCI MIT team began questioning the security of the IOTA shortcut function.

In an unrelated event, a hacker stole $11 million in IOTA during a phishing attack in 2018. The attacker managed to set up a fake website that disseminated its own addresses as new network addresses. This is unfortunately a fairly simple line of attack, which is also common in address generators for Bitcoin and other cryptocurrencies.

The IOTA network also faces a recurring problem of lack of availability. It was closed in December for about 15 hours. In that case, however, the closure was due to technical problems, not a security risk.

With such a wide variety of problems, it is difficult to judge whether the IOTA is more or less secure than other blockchain projects.

In the face of the current attack a special Discord channel was created. IOTA calls for any news related to the attack to be communicated through this channel, which will help to restore the network to working order as soon as possible. There is also an official website with updates about the problem (here).

Travon Temple
Witold Adruszczak CEO of the Bitcoin-Squad.com project for 3 years associated with the crypto industry. This year we have decided on an international project. Our goal is to build Bitcoin awareness in the world. Education and support for people with no experience in the new industry which are cryptocurrencies. If you need more support please write in the comment. For all I always try to answer questions under the articles.