Home / Blog / IOTA funds were stolen (3.49Ti ~500k$) on 12th March 2020 after network relaunch [longread] : CryptoCurrency

IOTA funds were stolen (3.49Ti ~500k$) on 12th March 2020 after network relaunch [longread] : CryptoCurrency

IOTA funds were stolen (three.49Ti ~500ok$) on 12th March 2020 after network relaunch [longread] : CryptoCurrency

Hey CC comunity!

First of all, sorry for posting it a bit late I’ve some severe adjustments in my life-style and enterprise resulting from Coronavirus state of affairs on this planet. For those that are contaminated I want to get properly quickly and all the remainder to remain protected and to remain residence.

Here is my brief story:On March 12th I made related however brief submit relating to my stolen IOTA within the sub r/IOTA. First of all I met round 50% downvotes, I don’t know why however evidently IOTA’s group don’t need to see posts relating to stolen IOTA, I acquired a variety of critics for utilizing Trinity pockets as a substitute of hardware and so on. But I see nothing unusual utilizing desktop pockets and it doesn’t matter whether or not it’s IOTA Trinity or Bitcoin QT or Ethereum pockets until in has robust manually typed password, VPN connection and another safety issues. Or possibly IOTA’s group was afraid of undesirable dangerous consideration throughout that market crash that day. So due to that have I made a decision to make a submit right here at r/CC.

Some brief reminder of what occurred earlier than my funds acquired stolen (https://status.iota.org)

Some information:https://www.coindesk.com/iota-foundation-suspends-network-probes-fund-theft-in-trinity-wallethttps://cointelegraph.com/news/iota-foundation-investigates-funds-allegedly-stolen-from-trinity-walletshttps://www.theblockcrypto.com/post/55955/iota-foundation-funds-stolen-users-of-trinity-wallet

If you don’t need to learn that information listed below are some details with timestamp:

February 12th 2020 – 18:55

As a precaution we ask you to maintain your Trinity pockets closed for now.

February 12th 2020 – 19:20

After preliminary investigation we determined to show off the Coordinator to ensure no additional theft can happen till we discover out the basis trigger of those thefts. (Lets say: “blockchain stopped”)

February 14th 2020 – 17:50

We have discovered the exploit.

February 15th 2020 – 00:50

After efficiently figuring out the assault on Trinity by means of a third-party integration

February 17th 2020 – 02:23

We have simply launched a protected model of Trinity Desktop to permit customers to examine their steadiness and transactions. This model (1.four.1) removes the vulnerability introduced on 12th February 2020. (I’ve put in this specific model)

February 21st 2020 – 18:43


February 24th I left my nation for some working journey

February 26th 2020 – 13:10

We are at present within the testing part of the migration instruments, as soon as testing completes the instruments shall be audited by a exterior occasion. If this all goes properly we’re aiming to launch these instruments later this week.

February 29th 2020 – 19:15

The Seed Migration Tool is now accessible.

March sixth 2020 – 15:17

REMINDER: You have till 5PM (UTC), Saturday, seventh March emigrate your seed.

I’m nonetheless in another country however I’m fairly positive I’m protected coz I’ve put in 1.four.1 pockets which removes the vulnerability.

March eighth 2020 – 18:15

The migration interval has ended.

I acquired again to my nation

March 10th 2020 – 16:45

We are aiming to renew worth transactions round 5PM CET at present.

March 10th 2020 – 18:15

The network coordinator has resumed operation. (Let’s say “blockchain restarted”)

Now my flip:

My steadiness by that point (https://imgur.com/EJiB6it)

March 10th

I’ve determined to ship my IOTA to change till I purchase Hardware pockets and type it out the way it worksTest transaction to change 5Gi:JQ9DZPGUFLBJTLDLIKQBWLUBOXJULKIQFSWKNYVFIHETSZJOTGRYEZZELE9BZFVUEBGATEITPDTXXHZVD

It took change 24 hours to credit score it to my steadiness…


All over once more… 24h to credit score it to my steadiness.

March 12th


screenshot of transaction with stolen IOTA (https://imgur.com/DtXbjOs)

All carried out transactions (https://imgur.com/M8Qj2jC)

Same day I’ve made first submit on reddit to get some consideration to the occurred state of affairs. At the identical time I’ve begin to seek for some technical assist by means of over official telegram teams:


(https://imgur.com/McmrF3L)I’ve ship a message the place I’ve acknowledged that my funds were stolen after network relaunch. Got some response from person Basti he invited me to a different group with basic dialogue.display shot 1 (https://imgur.com/hvDuoQA)display shot 2 (https://imgur.com/MewdNm5)

Our brief dialogue continued on the basic dialogue group iotacafe

(https://imgur.com/e9ErcPW) Where Basti launched me to the IOTA Foundation member Antonio Nardella (https://imgur.com/WxZRk8N)

Before I began my dialog with Antonio I resolve to get some details about him. I’ve discovered a Medium submit with some welcoming phrases to Antonio Nardella.

(https://imgur.com/KK4zoOv) telegram(https://imgur.com/VquNCpi) medium

Seems legit.

Of course I could not be 100% positive it was him however the data he requested for wasn’t actually delicate so determined to share all I knew and all I did.

(https://imgur.com/X3Ha02Q) He additionally talked about a pockets built-in service MoonPay, whether or not I used the pockets with this service or not and it didn’t matter if I used the service it self.

I’ve knowledgeable him that I used 1.four.1 pockets which was really useful to put in on February 17th 2020(https://imgur.com/iZdNcm7)

When he gathered all the required data relating to lack of funds he took the time for sending this data for investigation workforce.

After an extended awaited reply I acquired the identical day this:

“Hello, I used to be knowledgeable that the lack of tokens is related to the individual/workforce chargeable for the Trinity pockets assault by way of a third-party dependency from Moonpay.

As prompt on https://status.iota.org/, please file a report with the native police and to quote the next case quantity when doing so: LKA Berlin, Center for Cybercrime, case quantity: 200213-1717-i00290.”(https://imgur.com/Gov1v0i)

So, reinstalling the pockets did not assist me to keep away from the lack of funds.

Well if my funds are proved to be stolen then it means – sure, I’ve used the Trinity pockets between the December 17th 2019 and the February 17th 2020. And sure, I wasn’t in a position to make seed transition throughout the given interval. I used to be in another country beginning type Feb 24th until March eighth. I may even proove it with my border passing stamps… You know I didn’t use to take four.5Ti with me simply in case I would wish an pressing seed transition. Could you think about 1000’s of individuals with their multimillion Bitcoin holdings carrying non-public keys on a regular basis with them simply in case they would wish seed transition… The funds were stolen not by my mistake however IOTA builders/basis/and so on (shall we say IOTA workforce) mistake.

At the tip of my story I need to take your consideration to the truth that I didn’t compromise my PC neither pockets nor password nor seed. All my fault was for utilizing the desktop pockets… How are you able to think about your person with out utilizing your software program/companies/and so on… I need to publicly name IOTA workforce (particularly mr David Sonstebo) to cowl not solely these which were to occur again within the Feb 2020 however all of the loses which were brought on by that pockets vulnerability. (https://www.coindesk.com/iota-founder-personally-refunding-hack-losses-to-safeguard-projects-remaining-reserve)

Thanks for studying and thanks in your time!

About Agent

Check Also

What’s the best Exchange for Crypto Futures Trading? : CryptoCurrency

What’s the best Exchange for Crypto Futures Trading? : CryptoCurrency

What’s the best Exchange for Crypto Futures Trading? : CryptoForex I am at present utilizing …

Leave a Reply

Your email address will not be published. Required fields are marked *