IOTA, a Berlin-based non-profit foundation, has suffered a wallet hack on 12 February. Thus, it has stopped operations since then.
On 6 March, IOTA founder David Sønstebø said he will reimburse the 46 victims from his own pocket at a total value of 8.52 million MIOTA (equivalent to nearly $1.97 million).
Sønstebø added that the foundation is still on the right track to relaunch the network on 10 March.
Commenting on the hack and the number of iotas stolen, Sønstebø said:
“The hack itself was on MoonPay’s infrastructure, but due to the way it was integrated into the Iota wallet, there was a vulnerability that was exploited by the hacker. The total amount of iotas siphoned out of accounts were 8.52 Ti.”
In addition, he went up to say 46 investors were impacted by the hack, due to swift action including turning off the Coordinator by the foundation. “We were able to prevent the attacker from stealing from more people. Two of the users had multiple seeds, so around 50 individual wallets.”
IOTA learns from attac
Sønstebø also indicated that the foundation learnt a good lesson that it should never give up absolute security under any circumstances.
“This MoonPay vulnerability emerged due to the Iota Foundation attempting to deliver on all fronts, including building one of the best wallets in the space. In retrospect, we should have done a lot more due-diligence and had stricter auditing procedures in place, and simply more patience. I can assure you that this oversight won’t repeat itself and IF has already set up further engagements with 3rd party auditing firms, as well as hiring more security specialists to [the Iota Foundation],” he added.
Earlier, Cryptolydian reported IOTA as announcing that it will help users to transfer their tokens to new accounts through new transition tools.
IOTA also has asked all users of the Trinity wallet to transfer their tokens to new accounts.