It is rather uncommon for a cryptocurrency network to grind to a halt. In the case of IOTA, the Foundation somehow managed to shut down the Tangle due to an incident.
When developers or a Foundation can “pause” a network, there is something amiss.
THE IOTA NETWORK CAN BE PAUSED
The core concept of cryptocurrencies is to be decentralized without central authority or control.
In the case of IOTA, it appears there is some degree of centralization, albeit it may be a good thing in this regard.
By shutting down the Coordinator node – which will be removed altogether in a future updated – potential damage to the network has been prevented.
The initial statement mentions how the IOTA Foundation is working with law enforcement.
Apparently, there was a coordinated attack involving stolen funds.
It is believed $1.6 million in MIOTA may have been stolen, albeit that figure has yet to be confirmed.
Some evidence hints at high several high-value accounts are affected, which may be caused by an exploit in the Trinity desktop wallet.
It is evident that the pausing of the network may be the best course of action in such a scenario.
It is far from ideal, and will undoubtedly continue to spark many debates all over the world.
The Full IOTA Network Incident Report has been Released
The recent incident affecting the IOTA network still leaves many people surplussed. A full incident report has finally come to light, which puts things in their proper perspective.
It is rare for a cryptocurrency network to be halted completely.
DOCUMENTING THE IOTA NETWORK HACK
This is especially true when it comes to developers causing this situation.
In the case of IOTA, the developers decided to take this action following a Trinity wallet issue.
Some money has been stolen, albeit the situation could have ended up far worse.
In the full report, a lot of details have been provided as to what went down exactly.
It paints an interesting picture, although one that shows how shutting down the IOTA network is crucial.
One could also argue that the attacker(s) could have been more successful if patience was exercised.
Interestingly enough, this attack dates back all the way to late November 2019.
This goes to show how elaborate the procedure is, and how much preparation is involved.
The report also confirms how the MoonPay integration is what allowed for the hack.
That service’s API endpoints were rewritten, allowing the culprit to further advance the scheme.
There will still be some concern as to whether this is an inside job, however.
Despite Network Outage, IOTA Investors Continue to “HODL”
IOTA recently had to shut down its network due to an attack on its official wallet, Trinity. Despite the significance of the outage, a recent poll suggests that investors will not sell their holdings once the network is reinstated.
IOTA Holders Remain Positive
On Feb. 13, the IOTA Foundation was obligated to turn off the Coordinator, a system that checkpoints valid transactions, following a vulnerability exploit in its Trinity wallet.
Thus far, ten victims have been identified and the losses are estimated to be between $300,000 and $1.2 million worth of IOTA.
Due to the network outage, nobody can send or receive IOTA at the moment. Nevertheless, investors do not seem bothered about this fact.
Julian Hosp, co-founder of Cake DeFi and I-Unlimited, conducted a Twitter poll asking IOTA holders whether they plan to sell or hold their tokens once the network is back online. Out of the 1,610 respondents, 67.5% percent said they will continue to hold their tokens while only 32.5% showed their intent to sell.
A Twitter user under the pseudonym C4chaos affirmed that he will remain a “HODLer” and is currently waiting to move his tokens through the “seed migration tool.” He insisted that if IOTA is able to resolve this issue he would likely become a “perma bull” and buy more tokens in the event of a sell-off.
Along the same lines, another Twitter user said that “sellers are already gone, because they could’ve sold their IOTA at the exchanges.” He believes that those who kept their funds in the Trinity wallet are long-term investors and will continue to hold their tokens until their investments flourish.
Although IOTA holders appear positive, there is a high probability of a sell-off after the network is reinstated, according to Hosp.
A look at IOTA’s price chart could give a better idea of where this cryptocurrency could go if the selling pressure behind it increases.
Strong Support Ahead
Based on its 12-hour chart, IOTA is sitting on top of a significant support level presented by the 100-twelve-hour moving average (MA). If investors indeed rush to exchanges to sell their holdings once the network is back online, this hurdle could break pushing the price of this cryptocurrency down.
A candlestick close below the 100-twelve-hour MA suggests a move to the 200-twelve-hour MA, which could prevent the price of IOTA from a steeper decline. This support barrier is currently sitting at $0.23.
If the 200-twelve-hour MA fails to contain the fall, market participants could panic sell their tokens sending the price to $0.20 or $0.15.
Nevertheless, if the 100-twelve-hour MA continues to hold, the bearish outlook could be invalidated. A spike in buy orders could take IOTA to test the resistance given by the 50-twelve-hour MA. Breaking above this level could send this crypto further up to test the recent yearly high of $0.37.
It is worth noting that this is not the first time that the IOTA network has been halted. In December 2019, it was briefly shut down for 15 hours due to technical issues rather than a security threat. Following the incident, IOTA’s price appreciated over 16% .
Now, it remains to be seen how market participants will react once the network is fully functional.
IOTA HOLDERS URGED TO CHANGE WALLET PASSWORDS NOW
- MANY IOTA ACCOUNTS MAY BE COMPROMISED
- FULL REPORT PROMISED
After releasing an update for their compromised Trinity wallet, the IOTA Foundation is directing users to change their passwords. More steps will soon be announced to ensure funds are secure.
MANY IOTA ACCOUNTS MAY BE COMPROMISED
Last week the Iota Foundation stopped its network, the Tangle, after hackers stole funds from at least ten high-value accounts. The foundation soon tracked the vulnerability to the desktop version of Trinity.
The foundation states:
The foundation is confident that only users that opened desktop Trinity during the specific date range are at risk. Nevertheless, it has also released an update for the mobile wallet, and is calling on those users to change their passwords out of an “abundance of caution.”
The password change is only the first step in resolving this issue. Users will also need to acquire new seeds, which are the 81 character keys that hold Iota tokens on the Tangle. The foundation promises soon to release a seed migration tool to enable this process. The network will not be restarted until after the tool has been made available.
FULL REPORT PROMISED
The IOTA Foundation promises a full report on this hack. The vulnerability appears to be connected to MoonPay, a service recently integrated into Trinity that enables users to purchase IOTA directly from within the wallet. The MoonPay feature does not appear in the patched version.14 BTC & 30,000 Free Spins for every player, only in mBitcasino’s Crypto Love Affair! Play Now!
Regardless of the cause, this is a serious breach of the IOTA platform. Although it appears that the hackers did not compromise the core protocol, they may have acquired a large number of seeds. Thus, users that do not use the migration tool will remain vulnerable.
IOTA holders that have lost funds are encouraged to contact the foundation through its Discord channel. The foundation has stated that it is working on a remediation plan for the theft victims. It is unclear, however, if this plan will involve direct compensation or a chain reorganization. The foundation is also working with law enforcement to help locate the perpetrators.
This event is one of many incidents of theft that have become common in the crypto space. It is proof positive that blockchain technology remains a work in progress, and that even very secure platforms can be made vulnerable. Before this incident, Trinity had been independently audited and was widely considered extremely safe to use.