21 February, 2020 | AtoZ Markets – IOTA continues to publish new information in response to a hack on its official wallet on February 12. The IOTA strongly recommends the Trinity wallet users to immediately change their passwords and use the seed migration tool to protect their assets. Trinity users who opened or updated their wallet between December 17, 2019, and February 18, 2020, maybe vulnerable.
IOTA Trinity Wallet Update
IOTA is currently operating on its dedicated Tangle network, not a blockchain but Coordinator, a node on the network to help prevent attacks. The desktop version of Trinity Wallet proved to be vulnerable after hackers attacked several high-value accounts on February 12, gaining access to private wallet keys.
The IOTA Foundation has identified the security hole in the Trinity wallet. The MoonPay integration allowed a hacker to access certain Trinity wallets. MoonPay added to the wallet on December 19 and made it quick and easy for investors to invest in IOTA.
According to IOTA, the Trinity wallet’s proprietary code is secure. Recently, IOTA published an updated version of the mobile wallet for iOS and Android without MoonPay. Today, IOTA also released a new 1.4.3 desktop version of the Trinity wallet. It supports Mac, Linux, Windows 10 and Windows 7.
This was the last update for Windows 7 users. They should upgrade to Windows 10. An update required to close the security breach. Charlie Varley, the lead developer of the IOTA Foundation, told:
This was necessary because the security hole introduced in the Trinity wallet via the integration of MoonPay. We are working on an incident report in which we will release details of the vulnerability, how it introduced, how it exploited. Moreover, we are trying to improve our overall security practices.
We also want to inform users that their credit card details are not likely to have been compromised by this incident of security.”
Read More: EU Can't Regulate Facebook's Libra Without More Details
Users Should Use the Seed Migration Tool
Hackers may have obtained several seeds from IOTA users. They may find others. So, do not quickly use the migration tool as the foundation suggests. Users are also encouraged to use the migration tool to migrate their MIOTA to secure seed. Further details on how this works will be published in due course.
Trinity users - If you opened #Trinity between Dec 17th 2019 - Feb 18th 01.30 CET 2020, you will need to use the seed migration tool to protect your tokens. Further details about the tool and migration period soon. All updates at https://t.co/3blzUVGJTE or https://t.co/vbg93hQBiG— IOTA (@iotatoken) February 20, 2020
There will be a migration phase for this change before the Coordinator resumes activities. The IOTA Tangle begins to operate normally. If two people migrate the same seed during the migration phase, a KYC process will start. If the hacker now tries to migrate the stolen MIOTA to new seed, a third party company will verify if that person is the true owner of the MIOTA.
MIOTA is still trying to find their marks when it comes to data breaches and working with existing blockchain technology. The company had to close for 24 hours in December 2019 following an incident on the main network.
Think we missed something? Let us know in the comment section below.