- A safe version of Trinity Desktop released that will allow users to check their balance and transactions
- Trinity Mobile not affected but asked not to open until a new version is released
The IOTA Coordinator is still halted while the investigation continues regarding the stolen funds. However, the team has released a “safe version” that will allow users to check their transactions and balance that will be fetched on login. IOTA Foundation wrote on Monday.
“We have just released a safe version of Trinity Desktop to allow users to check their balance and transactions. This version (1.4.1) removes the vulnerability announced on 12th February 2020. Download the version here and install it over your old version: https://github.com/iotaledger/trinity-wallet/releases/tag/desktop-1.4.1.”
The update also points out that Trinity Mobile doesn’t appear to have been affected by the attack but is still advised to not to open until a new version is released. The Coordinator also remains down for now until they finalize a remediation plan.
It all started on Feb. 12 when IOTA Foundation turned off the Coordinator after several reports of fund theft came into light.
After conducting an initial investigation, the team decided to single-handedly turn off the mainnet network which is claimed to be “100% decentralized” to ensure no further theft. IOTA Foundation stated,
“the halt of the coordinator interrupted the attacker's attempts to liquidate funds on exchanges.”
The fact that they can easily pause the network despite claiming to be completely decentralized didn’t go well with the community.
a solid chunk of long tail alts can be quite simply 'turned off' at the sole discretion of the administrators. it's always fun when they let the veil slip.
but please, tell me more about your TPS https://t.co/dvYg6yHwGY
— nic carter (@nic__carter) February 13, 2020
“While the IOTA Foundation can press a button and shutdown the system, this in no way means IOTA is centralized. It is infact 100% decentralized, in the words of the IOTA Foundation,”
commented Eric Wall.
For all those that thought you were holding Iota. You aren't. Only Iota is holding Iota. https://t.co/sUvLIpmA48
— Bob McElrath (@BobMcElrath) February 13, 2020
Working on a remediation plan
On Feb. 13, IOTA Foundation reported that most evidence points towards seed theft with the cause unknown. This affected at least 10 users that have recently used Trinity wallet and they have since been in contact with the firm.
Back in July 2019, IOTA announced the full release of Trinity wallet, developed by the IOTA Foundation, which it said was “a secure software wallet for IOTA tokens.” It was also “rigorously security audited by leading security firms.”
Currently, #IOTA is working with law enforcement and cybersecurity experts to investigate a coordinated attack, resulting in stolen funds. To protect users, we have paused the Coordinator and advise users not to open Trinity until further notice. Updates: https://t.co/ME3Cvki3k9
— IOTA (@iotatoken) February 13, 2020
The following day, it updated the community on the development made in the investigation that included adding several cyber forensic experts to perform the scans of Trinity’s dependencies and affected systems.
Also, no transfer or liquidation of monitored funds has been reported by exchanges.
It was then found the problem was with a dependency of the trinity wallet, (user-facing) Trinity Wallet, and no indication of IOTA core protocol breach of any kind.
On the weekend, the foundation continues to work with law enforcement and has started working on a remediation plan to avoid the loss of funds. The team is also working on “a plan on how to recover from this exploit and get the network back into full operation,” after successfully identifying the attack on Trinity via third-party integration.