Tuesday, November 24, 2020
No menu items!
  • News
  • Blockchain
  • Cryptocurrency
  • Contact Us
More

    Series of Events that Led to Attack on Trinity and the Measures Taken by IOTA Foundation

    Must Read

    Ethereum 2.0 Staking Deposits Surpass 65% of Required ETH As Price Hits $600

    At the time of publication, the Ethereum 2.0 staking deposit contract has surpassed 65% of the required amount of...

    Ripple Has Officially Added Bank of America (BoA) to the List of Top RippleNet Members on Its Website

    Ripple, the San Francisco based blockchain firm, has now officially included Bank of America (BoA) on the list of...

    Crypto Strategist Scott Melker displays His Bullishness on ADA, ETH, LTC, XRP and Three Others

    A cryptocurrency analyst, Scott Melker, popularly known in the crypto industry as Wolf Of All Streets, has revealed he’s...
    Avatar
    Solomon Odunayo
    Solomon has a growing passion for writing, this propelled him to keenly work on Eagles News Media for about two years before delving into the cryptocurrency and Blockchain industry he finds more interesting. He worked as a crypto Journalist and Editor at NewsLogical before joining Herald Sheets, owing to the priceless experience he has accumulated since he became a contributor in the crypto community.




    IOTA Foundation has recently published a detailed blog post regarding the series of events that led to the attack on Trinity Wallet a couple of days ago.

    The measures taken to mitigate the situation were also itemized in the publication.

    Recap of the Series of Attacks that Led to Trinity

    According to the report, on 12th February 2020, around 3 PM CET, there were tons of messages sent to the moderators on the IOTA Discord server, from the users that observed zero balance and/or unauthorized transactions sent from their wallets.

    After a series of similar incidents were reported, it became obvious it was a coordinated attack on the wallet, which prompted the IOTA Foundation engineers to get to work in order to discover the specific cause of the attack.

    The first decision taken by the foundation in the first 4 hours of the investigation was to deactivate the coordinator. This was the measure taken as a temporary security mechanism in the course of the network maturation phase.

    Halting the coordinator is a very big decision due to the suspension of value transaction confirmation it initiates on the network. But this delicate decision had to be taken to prevent the hackers from transferring more tokens.

    This vital decision taken halted the attackers from further preplanned damage because it stopped a lot of transactions from and to the attackers at once.

    For detailed information about the attack, visit blog.iota.org.

    What Trinity Users Need to Do

    According to IOTA Foundation, it is necessary for Trinity users to use the forthcoming migration tool to ensure the protection of their tokens from unforeseen attacks to their tokens.

    The Foundation averred that such an attack needs a lot of complex measures for the IOTA network before the operation can fully resume without further potential losses.

    For this reason, IOTA Foundation decided an important and extra precautionary step to ensure the safety of the affected users of Trinity wallet by developing a detailed migration plan and a dedicated tool.

    This plan and tool will aid the Trinity users to have a safe way of migrating their tokens to a new seed. IOTA Foundation assured the sharing of the details of this migration plan in the subsequent blog post.

    Read the Steps Taken to Address the Incident As Shared by IOTA Foundation Below:

    1. The Foundation set up a status update page where victims and the public could access regular updates.
    2. Built a new Tangle analytics toolset (utilizing our permanode) that tracks tokens in real-time. This tool will help support the ongoing criminal investigation.
    3. Allocated all available resources to assist with the investigation of attacked seeds and analyze the attack pattern, using the set of newly developed tools, as well as a separate parallel manual analysis and verification (to validate tooling reliability).
    4. Released a new version of Trinity Desktop for users to install on top of the current version with the attack vector removed, which would allow users to safely open and check their wallet balances. You can find it here.
    5. Released new versions of Trinity Mobile on iOS and Android with MoonPay removed. These can be downloaded via the App Store and Play Store respectively.
    6. Developed an attack remediation plan, which involves building a seed migration tool to move users to a safe seed.
    7. Brought on multiple security experts and firms to assist with the analysis and cyberforensic investigation, as well as develop the remediation plan.
    8. Contacted the UK, German, and Maltese police and the FBI to report the incident and provided documentation and updates as they became available.
    9. Collected information from affected users and developed a dedicated community discord channel for them.
    10. Collected and analyzed app files from both affected and non-affected users, categorized malicious code types and developed a timeline of when the malicious code was deployed.
    11. Contacted all relevant exchanges to gather insight into where the tokens had been transferred and to lock any unsold tokens.
    12. Worked together with MoonPay to investigate the cause of this hack and acquire the necessary information for the investigation.




    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    Latest News

    Ethereum 2.0 Staking Deposits Surpass 65% of Required ETH As Price Hits $600

    At the time of publication, the Ethereum 2.0 staking deposit contract has surpassed 65% of the required amount of...

    Ripple Has Officially Added Bank of America (BoA) to the List of Top RippleNet Members on Its Website

    Ripple, the San Francisco based blockchain firm, has now officially included Bank of America (BoA) on the list of top RippleNet customers on its...

    Crypto Strategist Scott Melker displays His Bullishness on ADA, ETH, LTC, XRP and Three Others

    A cryptocurrency analyst, Scott Melker, popularly known in the crypto industry as Wolf Of All Streets, has revealed he’s bullish on seven altcoins, including...

    Analyst Says Ethereum (ETH) Could Target $850 Once It Surmounts This Key Resistance

    Virtually all the cryptocurrencies in the market have been enjoying the current price rally that was started by Bitcoin (BTC), the largest cryptocurrency by...

    Ripple Moves to Bring XRP Ledger to the World of Central Bank Digital Currencies (CBDCs)

    Considering the latest job listing, Ripple, the San Francisco based cross-border payment firm, is moving to bring XRP Ledger to the world of Central...

    More Articles Like This