Skip to main content

IOTA forced to suspend network after wallet hack




The group leading the development of the IOTA blockchain, the IOTA Foundation, has run into a troubling situation.  The non-profit was forced to halt its network this past Wednesday after discovering that the IOTA Trinity wallet had been attacked by hackers, resulting in the theft of tokens it held.  The issue is still being unraveled, but there are reports that anywhere from $300,000 to $1.6 million in IOTA tokens may have been lifted from the wallet.

When reports started flowing in on Wednesday that the wallet could have been hacked, the group took action and shut down the Coordinator node to look into the issue further.  It is reportedly looking into a security flaw found in an earlier version of the wallet, and explains, "First (but not all) exchanges have responded, reporting that no monitored funds have been transferred or liquidated.  Most evidence is pointing towards seed theft, cause still unknown and under investigation.  Victims (around 10 that identified with the IOTA Foundation so far) all seem to have recently used Trinity."

As indicated, there have been ten victims identified.  Trinity is available for mobile devices, as well as Windows and MacOS, and some reports indicate that the problem may be limited to the desktop application.  However, this has not yet been confirmed.

This isn't the first time that IOTA has run into security issues, but the possible theft of as much as $1.6 million could make it one of the most disastrous.  In the past, the wallet implementations have been known to be buggy and unstable, and tokens have been lost or sent to the wrong addresses.  The development team also previously rolled out a controversial hash function that was met with a lot of criticism, which developers refuted.  However, they later changed the code anyway to respond to those complaints.

By far, the most disastrous hit to the alternative blockchain's reputation came when a hacker out of the UK stole $11 million in IOTA tokens.  However, his run was short-lived, as law enforcement was able to track him down and arrest him, and IOTA was able to recover the majority of the stolen funds.

After this latest attack, the foundation is already working with law enforcement to determine how much damage was done.  The group explains in an announcement, "We've shifted the complete focus of all relevant resources of the IOTA Foundation to this investigation last night and we have been working in teams to investigate [the] impact and cause together with the identified victims."  It added, "We have been working on the investigation of attacked seeds and analyzed the attack pattern, using a set of newly developed tools, as well as finishing a complete manual verification (to validate tooling reliability)."

Comments

Post a Comment

Popular posts from this blog

What is iDice?

iDice is a dice betting Dapp fueled by the use of the Ethereum organize. eg. iDice lets in players do several things and having such an innovative new token on the ETHEREUM Platform, we had to write an article about this new project. Guess on the space by the use of keeping up iDice tokens and best of all 100% of all benefit iDice acquires is dispersed among token holders, related to the amount of tokens they dangle. iDice amusement code is decentralized and changeless. Such gigantic building fees highlight a rising requirement for experienced, fair and cast Dapps. iDice iDice is an control which gives a provably affordable and simple, virtual Ethereum dice betting Dapp. The house edge will be set intensely and token holders have an atypical esteem that is dependably equiva- loaned to the house edge. iDice has a fully simple provide code accessible at etherscan.io. The payout of recreations is many times speedy. Provably Fair iDice uses open provide blockchain...
Post a Comment
Read more

Spanish Banks Form New Blockchain Consortium

A group of Spanish banks has formed the country's first blockchain consortium. Wholesale bank Cecabank announced the effort today, partnering with professional services firm Grant Thornton. Who's involved: In its announcement, Cecabank doesn't say which other institutions are taking part, stating that it "comprises 33% of the Spanish banking sector". However, according to Spanish newspaper El Pais, the group's membership includes Abanca, Bankia, CaixaBank, Kutxabank, Ibercaja, Liberbank and Unicaja. It represents the first major foray into blockchain for these companies, as other Spanish banks, including Banco Santander and BBVA, have been working with the tech for some time. What they're saying: Thus far, only Cecabank has commented publicly on the consortium effort, describing it as a way for its employees to get a top-down understanding of the tech – as well as possible insight into how the bank might actually go about using it. "Employees of all o...
Post a Comment
Read more

Ethereum Smart Contract Issues Frustrate Developers with Fatal Bugs

Only weeks after the execution of a hard fork to mitigate various DoS (denial-of-service) attacks, the Ethereum network and its developers are struggling to deal with yet another major flaw. This time, major issues in regards to smart contracts have emerged, which have rendered the efforts of decentralized applications in the Ethereum network purposeless. On November 1, the Ethereum development team and the founder of Solidity warned users and developers against a bug that allowed variables to be overwritten in storage. Variables in a smart contract are agreements made between two or more parties. Thus, if an attacker can gain access to the storage and alters the variables, crucial agreements in decentralized applications can be affected and funds may be extracted, which may pressure developers to discard previous smart contract-based projects to recompile contracts. Ethereum developers including Ansel Lindner stated that the development of an Ethereum application is failing to opera...
Post a Comment
Read more