- IOTA released the Trinity Dekstop Wallet version 1.4.1 a few hours ago, which is supposed to close the existing security lack of the hack that became known on Feb. 12.
- There was only an upgrade for the desktop version, as the mobile version should not be affected.
After a hack of the Trinity Wallet had occurred on February 12th, the community was eagerly awaiting an update from the IOTA Foundation. The tangle also stood still so that no stolen MIOTA could be moved. Last night (01:23 UTC), the IOTA Foundation released a new version (1.4.1) of the Trinity Desktop Wallet to close the existing security hole.
According to the company the mobile version of the wallet is not affected, so there is only one update for the desktop version. The new version can be downloaded from this link. With the new version the account balance can be viewed and the transaction data can be checked. If the account balance is not correct, a Discord Mod or a member of the IOTA Foundation should be contacted immediately so that the exact problem can be investigated further.
Extreme caution should be exercised in this regard, as fraudsters are also on the loose, posing as IOTA employees. The coordinator remains disabled so that no transactions can be sent:
The Coordinator remains down for now as we finalise our remediation plan. You will not be able to send value transactions. We will post an additional update soon detailing the plan going forward.
Dominik Schiener, co-founder of IOTA added yesterday via Discord:
Just FYI: the team is now working on a plan on how to recover from this and get the network back into operations while also allowing anyone who might have been affected to safely transition. there are no guarantees just yet, but we will do our best to get this through ASAP. Hopefully we will have a concrete action plan tomorrow and will then communicate it.
A further update will follow later today, which will show the exact rehabilitation plan until the IOTA network is fully operational again. With regard to the stolen assets, the IOTA Foundation is working with law enforcement agencies and in parallel is developing a new analysis tool to track the stolen IOTA in real time:
We are continuing our work with law enforcement agencies, our in-depth analysis of what happened and a remediation plan for the secured funds of Trinity users. We are in the process of building a new analysis tool (using the Permanodes) that will track funds in real time. This tool will support the ongoing investigation.
Regarding the attack on the Trinity Wallet, Schiener also said that it was “pretty sophisticated” and that the security hole only emerged after the security audit:
needless to say, that the vulnerability itself was rather sophisticated and required access on multiple levels to be able to execute it on this scale. Hopefully we will be able to share more soon.[Did the vulnerability existed after or before the audit on trinity?]
after the audit.
The community stands together
Despite the difficult times, IOTA founder Dominik Schiener is overwhelmed by the comprehensive support he and the entire IOTA team have received from the community. Schiener states:
The entire Trinity Team has done an amazing job, and there is not a single person to blame. The attack itself was very clever and targeted the IOTA and Trinity itself.
The price of MIOTA follows the current market trend and after the sudden flash crash of the market, within the last 24 hours, recorded a minus of 8.56% to a price of 0.2715 USD.