Hackers have exploited a vulnerability in the official IOTA wallet to steal funds from the users. In response to the incident, the IOTA Foundation, the nonprofit organization behind the IOTA
The attack took place on February 12, 2020, the incident was confirmed via Twitter by the foundation:
The foundation also published details about the incident on its website, it explained that decided to shut down “Coordinator” node a few minutes after it became aware of the fraudulent transactions.
The Coordinator is a note of the IOTA network that is involved in the final approval
The measure was adopted to prevent hackers from stealing additional funds, according to the foundation, the perpetrator targeted high-value accounts first, before moving on to smaller accounts and then being interrupted early by the halt of the coordinator.
“The attack pattern analysis showed that the halt of the coordinator interrupted the attacker’s attempts to liquidate funds on exchanges.” reads the post published by the fundation. “The stolen funds have been purposely and repeatedly merged and split to obfuscate the investigation, and with the current token exchange rate as well as exchanges’ KYC limits in mind. We received additional feedback from more exchanges (not all yet), confirming that none of the identified transactions
At the time of publishing this post, the IOTA network is still down and an investigation is ongoing.
IOTA members along with external cyber security experts that have joined the investigation discovered that hackers exploited a dependency of the Trinity wallet app.
“We have found the exploit and are now working on resolving the issue. As expected, the exploit is related to the (user-facing) Trinity Wallet. The IOTA core protocol is – as already communicated before – not breached.” continues the post.
The IOTA has not disclosed the total value of the stolen funds, but experts believe it could be more than $1 million worth of IOTA coins.