02-13-2020, 03:30 AM
IOTA Trinity Wallet having suspicious issues.
<!-- SC_OFF --><div class="md"><p>EDIT: Please be careful of platforms moderated by the relevant teams; sometimes they will try to show only one side. It's important to check with others to help notice bias.</p> <p>​</p> <blockquote> <p>We are currently investigating a suspicious situation with Trinity, please do not open or use Trinity on Desktop until further notice.</p> </blockquote> <p>There seems to be some issues with actual missing funds here... but not much else is known yet. IOTA Foundation members asking folks to DM them if they are missing funds due to this:</p> <blockquote> <p>DM me if you are missing funds as well</p> </blockquote> <p>They currently have the coordinator paused and are asking you to not open any Trinity wallet. I'll update if I figure out anything else. Please stay safe out there with your funds!</p> <p>IOTA Twitter Regarding Issue: <a href="https://twitter.com/iotatoken/status/1227638737862983681?s=19">https://twitter.com/iotatoken/status/1227638737862983681?s=19</a></p> <p>More info for Discord Users:</p> <blockquote> <p>Just to add, for all discord users and servers, that Discord Nitro allows you to impersonate anyone's name, color, and 4 digit ID. </p> <p>Do not trust people in DMs </p> <p>Disable DMs from server members (So they have to friend request you first) </p> <p>Talk to them in a server before accepting a DM or friend request. Scammers are less likely to talk in a public server </p> <p>In the public server, you can view the Roles associate with their account. If they are an official person, it should show them with some kind of staff role, not just 'verified' </p> <p>Do not ever download software from or send money to anyone contacting you via DM. No reputable group will ever contact you via DM for these things </p> <p>Do not accept support via DM</p> </blockquote> <p><strong>Update 20:50 UTC:</strong></p> <ul> <li>IF is actively investigating the issue and considering all possible attack vectors.</li> <li>Only 6-7 victims have been identified so far. Some of them were KYC’ed.</li> <li>All victims had used desktop version of the Trinity wallet.</li> <li>Only one case on macOS, the rest were MS Windows.</li> <li>The attacks appear to have been conducted manually (no scripts involved).</li> <li>The funds were mixed.</li> <li>No mobile users have been affected so far.</li> <li>Those affected can DM Dave on Discord (just make sure it’s really him - Please note the comments on Discord security above).</li> <li>These are 2 of the transactions. One stealing 725 Gi and one 680 Gi: <ul> <li><a href="https://thetangle.org/transaction/VYWRYPQACQMNELEFNNVURHOHINSMTEXCBKCWBLBUMLRNHTJGG9CPKGXVLCCFVDJVYXD9HXBPMOLYZ9999">https://thetangle.org/transaction/VYWRYPQACQMNELEFNNVURHOHINSMTEXCBKCWBLBUMLRNHTJGG9CPKGXVLCCFVDJVYXD9HXBPMOLYZ9999</a></li> <li><a href="https://thetangle.org/transaction/QPKMAKHKQZLRJNJNFXPQBQQBESGNBGWSVUVRVPFGBFYOYEIWFNNDAXFLMQPJOFMCSUF9NVPTPHZA99999">https://thetangle.org/transaction/QPKMAKHKQZLRJNJNFXPQBQQBESGNBGWSVUVRVPFGBFYOYEIWFNNDAXFLMQPJOFMCSUF9NVPTPHZA99999</a></li> </ul></li> </ul> </div><!-- SC_ON --> Kind Regards R
<!-- SC_OFF --><div class="md"><p>EDIT: Please be careful of platforms moderated by the relevant teams; sometimes they will try to show only one side. It's important to check with others to help notice bias.</p> <p>​</p> <blockquote> <p>We are currently investigating a suspicious situation with Trinity, please do not open or use Trinity on Desktop until further notice.</p> </blockquote> <p>There seems to be some issues with actual missing funds here... but not much else is known yet. IOTA Foundation members asking folks to DM them if they are missing funds due to this:</p> <blockquote> <p>DM me if you are missing funds as well</p> </blockquote> <p>They currently have the coordinator paused and are asking you to not open any Trinity wallet. I'll update if I figure out anything else. Please stay safe out there with your funds!</p> <p>IOTA Twitter Regarding Issue: <a href="https://twitter.com/iotatoken/status/1227638737862983681?s=19">https://twitter.com/iotatoken/status/1227638737862983681?s=19</a></p> <p>More info for Discord Users:</p> <blockquote> <p>Just to add, for all discord users and servers, that Discord Nitro allows you to impersonate anyone's name, color, and 4 digit ID. </p> <p>Do not trust people in DMs </p> <p>Disable DMs from server members (So they have to friend request you first) </p> <p>Talk to them in a server before accepting a DM or friend request. Scammers are less likely to talk in a public server </p> <p>In the public server, you can view the Roles associate with their account. If they are an official person, it should show them with some kind of staff role, not just 'verified' </p> <p>Do not ever download software from or send money to anyone contacting you via DM. No reputable group will ever contact you via DM for these things </p> <p>Do not accept support via DM</p> </blockquote> <p><strong>Update 20:50 UTC:</strong></p> <ul> <li>IF is actively investigating the issue and considering all possible attack vectors.</li> <li>Only 6-7 victims have been identified so far. Some of them were KYC’ed.</li> <li>All victims had used desktop version of the Trinity wallet.</li> <li>Only one case on macOS, the rest were MS Windows.</li> <li>The attacks appear to have been conducted manually (no scripts involved).</li> <li>The funds were mixed.</li> <li>No mobile users have been affected so far.</li> <li>Those affected can DM Dave on Discord (just make sure it’s really him - Please note the comments on Discord security above).</li> <li>These are 2 of the transactions. One stealing 725 Gi and one 680 Gi: <ul> <li><a href="https://thetangle.org/transaction/VYWRYPQACQMNELEFNNVURHOHINSMTEXCBKCWBLBUMLRNHTJGG9CPKGXVLCCFVDJVYXD9HXBPMOLYZ9999">https://thetangle.org/transaction/VYWRYPQACQMNELEFNNVURHOHINSMTEXCBKCWBLBUMLRNHTJGG9CPKGXVLCCFVDJVYXD9HXBPMOLYZ9999</a></li> <li><a href="https://thetangle.org/transaction/QPKMAKHKQZLRJNJNFXPQBQQBESGNBGWSVUVRVPFGBFYOYEIWFNNDAXFLMQPJOFMCSUF9NVPTPHZA99999">https://thetangle.org/transaction/QPKMAKHKQZLRJNJNFXPQBQQBESGNBGWSVUVRVPFGBFYOYEIWFNNDAXFLMQPJOFMCSUF9NVPTPHZA99999</a></li> </ul></li> </ul> </div><!-- SC_ON --> Kind Regards R