Home Ransomware & Hacks

Post-Hack IOTA Foundation “Urges” Trinity Wallet Users To Use ‘Seed-Migration Tool’

In a post published via Twitter on February 20, 2020 – IOTA / the IOTA foundation (@iotatoken) messaged its followers.

This message advised users of the Trinity cryptocurrency wallet, who had opened their accounts between December 17, 2019 and February 18, 2020 to use its ‘seed migration tool’ before advising that “further details about the tool and migration period” would be available soon.

Back on February 13, 2020 – CoinDesk reported about how the IOTA Foundation had allegedly advised its customers to close any Trinity wallets they were accountable for.

The IOTA Foundation has provided an estimated date of March 2 (via The Block) for the removal of it’s network ‘pause’ which was implemented shortly after the hack had occurred.

IOTA Foundation has claimed to be working in partnership with “law enforcement and cybersecurity experts to investigate a coordinated attack that resulted in stolen funds”.

Broadcast of this news correlated with a large volume of user complaints and reports concerning stolen funds, a fact that has been admitted by the IOTA Foundation itself. The foundation decided to close down its network’s “Coordinator note” until further investigations had been completed .

It has since become common belief that IOTA-based service MoonPay was in some way culpable, potentially being a source of the exploitable code through which the tokens were stolen.

The coordinator node is named after the Coordinator application, and its purpose is to protect the ‘Tangle’ from “attacks such as parasite chains”.

Additionally, “nodes use the Coordinator to reach a consensus on which transactions are confirmed”

Definition of a ‘Coordinator Node’

Tangle is the name of IOTA’s Distributed Ledger.

It “does not consist of transactions grouped into blocks and stored in sequential chains, but as a stream of individual transactions entangled together”.

Definition of Tangle (whitepaper)

Trinity Wallet is a software-based cryptocurrency storage solution available on mobile devices and browsers. It offers customers the power of interoperability, by was of cross-compatibility with third-party hardware wallets.

Key features of Trinity Wallet have been officially advertised to include:

  • Security, using ‘safe-seed storage’ and strong encryption
  • Ease of use, enabling users to “access multiple accounts with a single password. Transactions and balances are updated automatically”
  • Fast transactions, “quick transfers and automatic promotion make transactions smoother than ever”
  • Market Watch, “Trinity keeps you up-to-date with the current value of IOTA across a range of currencies”

All funds invested by customers are also supposed to be protected by third party ‘SeedVault‘.

The purpose of SeedVault is to act as a means of ensuring your funds are secured by using an additional hardware layer, your seed is stored within the hardware device, instead of Trinity, providing a secure layer of separation.

IOTA Foundation was founded in 2017 in Germany and, based on its website, describes itself as a “new type” of (non-profit) foundation which focuses on creating “the next generation of protocols for the connected world”.

It’s three primary sources of funding, the website states, are as follows:

  1. Holdings of IOTA tokens from community donations and unclaimed tokens from the initial crowdsale.
  2. Grants from governments to perform research and development.
  3. Donations from individuals or enterprises.

The foundation, furthermore, is governed by a formal charter comprised of:

  • Governing Board to set and achieve the Foundation’s vision and run its operations.
  • Supervisory Board to guide and oversee the performance of the Governing Board.
  • Advisory Board to provide independent advice, perspective and direction.

The company’s primary product / service it it’s namesake, IOTA blockchain platform, which claims to be “the first open-source distributed ledger that is being built to power the future of the Internet of Things with feeless microtransactions and data integrity for machines”.

IOTA platform is also self-described as a “permissionless distributed ledger for a new economy”. It will use the IOTA digital currency (MIOTA) as the basis of its ecosystem.