It has been almost two weeks since the Trinity wallet attack, which has seen IOTA’s transaction coordinator halted.
A hacker exploited a vulnerability in MoonPay, the fiat on-ramp integrated with IOTA’s Trinity wallet software, to access the wallet software. From there, funds were stolen from Trinity wallet users, with losses believed to total around $2 million.
Until the IOTA Foundation announced that it had been forced to pause the network in the wake of the hack, MoonPay was a little-known payment processor working within the crypto economy to supply fiat on-ramps.
It now finds itself thrust into the spotlight, but for all the wrong reasons. An investigation by the IOTA Foundation traced the source of the attack back to a MoonPay vulnerability that enabled the hacker to control the firm’s content distribution network.
As the Foundation’s blog post deconstructing the attack explains, an “illicit version of Moonpay’s software development kit (SDK)” was “loaded automatically from Moonpay’s servers (their content delivery network) when a user opened Trinity.”
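An added example, not taken from the IOTA Foundation's post or from MoonPay's code: one way a wallet could refuse a CDN-served SDK whose bytes differ from a reviewed release, by pinning Subresource-Integrity-style digests. The SDK contents, the `PaySdk` name and all function names are constructed for illustration.

```javascript
// Added example: pin a third-party SDK to known digests before running it.
const crypto = require('crypto');

const ALLOWED_ALGOS = new Set(['sha256', 'sha384', 'sha512']);

// Compute an SRI-style string ("sha384-<base64 digest>") for a script body.
function sriDigest(body, algo = 'sha384') {
  return `${algo}-${crypto.createHash(algo).update(body).digest('base64')}`;
}

// Return true only if `body` matches one of the pinned SRI entries.
// Fails closed: no pins, unknown algorithms or malformed entries never match.
function verifyPinned(body, pins) {
  for (const pin of pins) {
    const sep = pin.indexOf('-');
    if (sep < 0) continue;
    const algo = pin.slice(0, sep);
    if (!ALLOWED_ALGOS.has(algo)) continue;
    const expected = Buffer.from(pin.slice(sep + 1), 'base64');
    const actual = crypto.createHash(algo).update(body).digest();
    if (expected.length === actual.length &&
        crypto.timingSafeEqual(expected, actual)) return true;
  }
  return false;
}

// Gate for the loader: throw instead of handing unverified code to the app.
function loadVerifiedSdk(body, pins) {
  if (!verifyPinned(body, pins)) {
    throw new Error('SDK integrity check failed: refusing to load');
  }
  return body.toString('utf8');
}

// Constructed sample data (hypothetical SDK bytes, not MoonPay's real SDK).
const releasedSdk = Buffer.from('window.PaySdk={open:function(){/* widget */}};');
const tamperedSdk = Buffer.from('window.PaySdk={open:function(){/* widget */}};/* extra code */');
const PINS = [sriDigest(releasedSdk)]; // recorded when the release was reviewed

// Check both samples against the pin list.
function demo() {
  return {
    released: verifyPinned(releasedSdk, PINS),
    tampered: verifyPinned(tamperedSdk, PINS),
  };
}
console.log(demo());
```

The pin list has to ship inside the signed application build; fetching it from the same CDN as the SDK would put it under the control of whoever controls that CDN.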
IOTA: MoonPay Carries the Can for $2 Million Exploit
Billing itself as “the new standard for fiat to crypto,” MoonPay professes to have been “made by developers for developers” and boasts of the quality of its API. While the IOTA Foundation notes that it was able to work with MoonPay to “investigate the cause of this hack and acquire the necessary information for the investigation,” it makes no bones about where the blame lies for the exploit, naming MoonPay 19 times during the first installment of its blog post on the incident.
In a series of tweets sent on February 21, MoonPay detailed that it is “working closely with the IOTA Trinity team to continue its investigation of the security incident” and promised “We have retained top cybersecurity experts to assist in our discovery process. Once our investigation is complete, we will take further action as per GDPR and other regulatory requirements. A complete report with our learnings to follow.”
While the minutiae of the attack are still being determined, the source of the exploit – MoonPay’s CDN – is not in doubt. The attack has caused alarm in cryptocurrency circles, not just on account of its size, but due to the way in which it was orchestrated.
The MoonPay website features testimonials from Bitcoin.com and ZenGo attesting to the power of the company’s fiat-to-crypto gateway. There are now concerns, however, that a similar attack could be orchestrated against other cryptocurrency wallets.
Caution Urged While Investigation Continues
Crypto wallets are meant to be sandboxed from external threats, with on-chain activity occurring independently of that which takes place on traditional financial rails. The MoonPay attack shows that care is required when introducing fiat support to crypto wallets, so as not to introduce a possible attack vector.
Other fiat-crypto gateways are known to deploy a different approach to wallet integration and enforce additional safeguards, meaning the MoonPay exploit is unlikely to be replicable elsewhere. Until MoonPay publishes a full post-mortem of how the attack went down – and the steps that have been taken to prevent a repeat – crypto companies will be cautious about utilizing the tiny payment processor.