IOTA Recommends Trinity Wallet Users To Change Their Passwords And Use The Seed Migration Tool To Pr
The IOTA Foundation strongly recommends users of the Trinity Wallet to immediately change their passwords and use the seed migration tool to protect their assets. As responsible for one of the top-performing cryptocurrencies, IOTA is continuing to release new information in response to a February 12 hack on its official wallet.
https://t.co/M2lMAcokV1 — _Cryptohero_ (@_Cryptohero_) February 21, 2020
On February 19, it has been reported in a status update that Trinity users who opened or updated their wallets between December 17, 2019, and February 18, 2020, maybe vulnerable.
However, IOTA currently runs on its dedicated network Tangle, not blockchain, but Coordinator, a node on the network to help prevent attacks, is on hold following the recent breach. The desktop version of Trinity Wallet was found to be vulnerable after hackers attacked a number of high-value accounts on February 12 by gaining access to private wallet keys.
It has been analyzed that MoonPay, a service that allows users to purchase IOTA directly, was discovered to be the gateway to the breach. The MoonPay feature does not appear in the patched version of Trinity Wallet for desktop users released by the foundation following the attack.
Despite requesting its users to monitor for any suspicious activity and immediately change their passwords, IOTA mentioned it was unlikely for any credit card details to have been affected by the breach:
“…we want to inform users who have input their credit card details into the Trinity Wallet that, to the best of our knowledge, their credit card information is unlikely to have been compromised by this security incident.”
Likewise, this assurance belies the serious nature of the breach. Hackers may have obtained a number of seeds from IOTA users and may find others who do not promptly use the migration tool as the foundation suggests.
Cryptocurrencies like IOTA are still finding their feet when it comes to data breaches and working with existing blockchain technology.
Thus, the company had to shut down for 24 hours in December 2019 following a mainnet incident.