In the last few days IOTA has suffered a serious hack that has led to a complete network shutdown, demonstrating – according to some people like Tone Vays – how this network may not be completely decentralized.
This flaw has now been solved and, from the network status page, it is possible to see all the progress and what really happened.
The vulnerability was announced on February 12th and in less than a week the team managed to create a new version of Trinity Desktop, version 1.4.1, which obviously removed the vulnerability.
This bug in fact concerned the desktop version of the software, while the mobile version doesn’t seem to have been damaged, although it’s recommended not to use it and wait for an updated version of the smartphone wallet as well.
Even if the software has been updated, the Coordinator is still offline to finalize the resolution process and implement solutions to prevent another hack from happening.
This hack hit the victims by exploiting the seeds of the Trinity wallet: somehow the hacker managed to recover all the seeds and empty the victims’ funds.
Thanks in part to the timely intervention of the team and the interruption of the network, a threat that could have spread to all those who use the software was mitigated.
Now all that remains is to understand where and how the funds can be recovered and to initiate coordination with the various exchanges, which are already providing support, in order to freeze the funds stolen from the victims and return them to their rightful owners.
The whole story is a reminder that it is better to keep all software up to date and not to hold funds in a single wallet/address, so that the risk of loss due to external causes such as a software-level hack can be limited.