The nonprofit organization behind the IOTA cryptocurrency shut down its entire network this week after someone exploited a vulnerability their wallet app to steal funds.
The attack happened this week, Wednesday, on February 12, 2020, according to a message the foundation posted on its official Twitter account. According to a status page detailing the incident, within 25 minutes of receiving reports that hackers were stealing funds from user wallets, the IOTA Foundation shut down “Coordinator,” a node in the IOTA network that puts the final seal of approval on any IOTA currency transactions.
The never-before-seen move was meant to prevent hackers from executing new thefts, but also had the side-effect of effectively shut down the entire IOTA cryptocurrency…
IOTA members said hackers used an exploit in “a third-party integration” of Trinity, a mobile and desktop wallet app developed by the IOTA Foundation. Based on current evidence, confirmed by the IOTA team, it is believed that hackers targeted at least 10 high-value IOTA accounts and used the Trinity exploit to steal funds.
Sunday the team released “a safe version” of their Trinity Desktop “to allow users to check their balance and transactions. This version (1.4.0) removes the vulnerability announced on 12th February 2020…”
Their status page advised users to contact a member of the IOTA Foundation if their balance looks incorrect. “Please be aware that there are unfortunately active imposters posing as IOTA Foundation personnel on our Discord. Therefore it is important that you directly initiate contact with the IF or mod team yourself…”
“The Coordinator remains down for now as we finalise our remediation plan. You will not be able to send value transactions.”