Monday, September 21, 2020
No menu items!
  • News
  • Blockchain
  • Cryptocurrency
  • Contact Us
More

    Series of Events that Led to Attack on Trinity and the Measures Taken by IOTA Foundation

    Must Read

    Binance Reveals What Prevents Traditional Brokers from Offering Crypto Services

    Binance, the arguably largest cryptocurrency exchange by trading volume, has revealed the major prevention of traditional brokers from offering...

    Crypto Trader Lists the Reasons Why XRP Price Will Never Attain 5 Figures

    A cryptocurrency trader and investor has some hours ago listed the reasons why he thinks that the Ripple’s digital...

    Jed McCaleb Effects about $3 Million Selloff, As XRP Liquidity Indexes Stay Low

    Going by the recent data released by Bithomp, Jed McCaleb, who co-founded the cross-border payment giant, Ripple, has initiated...
    Avatar
    Solomon Odunayo
    Solomon has a growing passion for writing, this propelled him to keenly work on Eagles News Media for about two years before delving into the cryptocurrency and Blockchain industry he finds more interesting. He worked as a crypto Journalist and Editor at NewsLogical before joining Herald Sheets, owing to the priceless experience he has accumulated since he became a contributor in the crypto community.




    IOTA Foundation has recently published a detailed blog post regarding the series of events that led to the attack on Trinity Wallet a couple of days ago.

    The measures taken to mitigate the situation were also itemized in the publication.

    Recap of the Series of Attacks that Led to Trinity

    According to the report, on 12th February 2020, around 3 PM CET, there were tons of messages sent to the moderators on the IOTA Discord server, from the users that observed zero balance and/or unauthorized transactions sent from their wallets.

    After a series of similar incidents were reported, it became obvious it was a coordinated attack on the wallet, which prompted the IOTA Foundation engineers to get to work in order to discover the specific cause of the attack.

    The first decision taken by the foundation in the first 4 hours of the investigation was to deactivate the coordinator. This was the measure taken as a temporary security mechanism in the course of the network maturation phase.

    Halting the coordinator is a very big decision due to the suspension of value transaction confirmation it initiates on the network. But this delicate decision had to be taken to prevent the hackers from transferring more tokens.

    This vital decision taken halted the attackers from further preplanned damage because it stopped a lot of transactions from and to the attackers at once.

    For detailed information about the attack, visit blog.iota.org.

    What Trinity Users Need to Do

    According to IOTA Foundation, it is necessary for Trinity users to use the forthcoming migration tool to ensure the protection of their tokens from unforeseen attacks to their tokens.

    The Foundation averred that such an attack needs a lot of complex measures for the IOTA network before the operation can fully resume without further potential losses.

    For this reason, IOTA Foundation decided an important and extra precautionary step to ensure the safety of the affected users of Trinity wallet by developing a detailed migration plan and a dedicated tool.

    This plan and tool will aid the Trinity users to have a safe way of migrating their tokens to a new seed. IOTA Foundation assured the sharing of the details of this migration plan in the subsequent blog post.

    Read the Steps Taken to Address the Incident As Shared by IOTA Foundation Below:

    1. The Foundation set up a status update page where victims and the public could access regular updates.
    2. Built a new Tangle analytics toolset (utilizing our permanode) that tracks tokens in real-time. This tool will help support the ongoing criminal investigation.
    3. Allocated all available resources to assist with the investigation of attacked seeds and analyze the attack pattern, using the set of newly developed tools, as well as a separate parallel manual analysis and verification (to validate tooling reliability).
    4. Released a new version of Trinity Desktop for users to install on top of the current version with the attack vector removed, which would allow users to safely open and check their wallet balances. You can find it here.
    5. Released new versions of Trinity Mobile on iOS and Android with MoonPay removed. These can be downloaded via the App Store and Play Store respectively.
    6. Developed an attack remediation plan, which involves building a seed migration tool to move users to a safe seed.
    7. Brought on multiple security experts and firms to assist with the analysis and cyberforensic investigation, as well as develop the remediation plan.
    8. Contacted the UK, German, and Maltese police and the FBI to report the incident and provided documentation and updates as they became available.
    9. Collected information from affected users and developed a dedicated community discord channel for them.
    10. Collected and analyzed app files from both affected and non-affected users, categorized malicious code types and developed a timeline of when the malicious code was deployed.
    11. Contacted all relevant exchanges to gather insight into where the tokens had been transferred and to lock any unsold tokens.
    12. Worked together with MoonPay to investigate the cause of this hack and acquire the necessary information for the investigation.




    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    Latest News

    Binance Reveals What Prevents Traditional Brokers from Offering Crypto Services

    Binance, the arguably largest cryptocurrency exchange by trading volume, has revealed the major prevention of traditional brokers from offering...

    Crypto Trader Lists the Reasons Why XRP Price Will Never Attain 5 Figures

    A cryptocurrency trader and investor has some hours ago listed the reasons why he thinks that the Ripple’s digital token XRP can never attain...

    Jed McCaleb Effects about $3 Million Selloff, As XRP Liquidity Indexes Stay Low

    Going by the recent data released by Bithomp, Jed McCaleb, who co-founded the cross-border payment giant, Ripple, has initiated another selloff of the digital...

    Analyst Says XRP Price Has Potential to Surge By 30% Once It Breaks This Resistance

    A cryptocurrency analyst identified as TiborVrbovsky has opined (using an illustrative chart on Tradingview) that the fourth largest digital currency by market capitalization, XRP,...

    Kraken Exchange to Return to Japan with XRP, ETH, LTC, BCH, XBT Spot Trading

    As recently announced, the top cryptocurrency that just became a United States Bank after winning bank charter approval, will soon reopen in Japan with...

    More Articles Like This