IOTA Foundation Will Re-Launch Its Network By March 2 After $2M Trinity Wallet Hack

On February 20 the IOTA Foundation said that it plans to reactivate is network by March 2, after an abrupt shutdown last week caused by a hack which led to loss of funds by some Trinity wallet users.

The non-profit organization stated that it is creating transition tools which will assist the users in transfering their funds to new accounts. When the transition is complete, the foundation will re-launch the network, which was stopped after the attack, as CryptoTheNews repored last week.

After that IOTA Foundation has started to seek the cause together with law enforcement agenices, such as the German Center for Cybercrime and the U.S. Federal Bureau of Investigation, according to the foundation’s co-founder Dominik Schiener and the official website.

Schiener said that the total loss resulting from the hack is estimated in about $2 million, and some of the funds have already been transferred to exchanges.

This way, IOTA Foundation is developing a remediation plan to refund the victims of the attack, although more details will be available next week, according to Schiener.

Summarizing the attack, the foundation stated that the attacker exploited a vulnerability in MoonPay, a fiat-to-crypto onramp platform integrated with Trinity, a wallet solution created by the company to support the IOTA network’s token.

The hacker managed to take over MoonPay’s content distribution network and infiltrated the Trinity Wallet through the integration. Then they distributed malicious Software Development Kits (SDKs) to Trinity users and stole funds stored in their wallets.

Talking about the software package which can accept SDK as a static file thus leaving an open door for a malicious SDK, Schiener said: “The biggest fault that we have made was to not integrate the NPM package and properly security auditing the integration. Human error and the pressure to release a new version ASAP ultimately lead to this mistake.”

Although the team identidied 50 victims from the attack, the total number of users receiving malicious SDKs is unknown. As such, the foundation has prompted all Trinity wallet users to move their tokens to new accounts.

Scheiner said: “One important thing is obviously that this does not affect all IOTA users, but only affects Trinity users of the Trinity desktop wallet. So everybody else is safe and doesn’t have to worry about this.”

The IOTA Foundation’s decision to stop the network after the attack faced controversy, since IOTA is designed as a decentralized network. The foundation was able to shut down the network because it controls the Coordinator node which normally ensures the finality and validity of individual transactions which are linked together.

However, the IOTA Foundation is sure that such mechanism is important for the network’s development during its early stages.

IOTA Foundation co-chair David Sønstebø said:

“I know that is controversial in a space where decentralization is all that matters until something like DAO happened and you could roll back the blockchain anyway… this [pausing the network] was an extraordinary measure in response to an extraordinary event and it’s important to get across, at least from our perspective, that no one at the IOTA Foundation or the IOTA project is happy that we had to take such extreme measures.”

“But we are happy that we were able to,” he added. “And that we’re taking the safe route.”