Hackers Stole $4 Million From IOTA Wallets

Hackers Stole $4 Million From IOTA Wallets

Holders of IOTA reported that they had been thieved for about $4 million of cryptocurrency from their wallets. This was caused by malicious online generators of seed-phrases. The identity of the attackers could not be established.

When users create a new wallet for IOTA, they need to enter a secret phrase consisting of 81 characters. According to the HelloIOTA site, there are several workarounds that simplify this task. In particular, users can use a seed generator based on IPFS or create a key using a Mac or Linux terminal. However, none of these methods can be called simple, so beginners who do not have the necessary knowledge and skills to use them, are forced to resort to alternative solutions, among which are online generators of seed-phrases.

One of the most popular sites in this segment, iotaseed.io , has now stopped working, and when you try to access it, the following message is displayed: "Closed. Excuse us".

To create a secret code, this generator offered users to move the mouse to "generate randomness," and then provide a seed-phrase that meets the requirements of the IOTA wallet.

As the member of the IOTA Evangelist Network Ralph Rottmann reports , the attackers carried out a DDoS attack on the known full IOTA nodes to prevent the victims of this fraudulent scheme from recovering their funds.

The attackers knew the code phrases. You yourself invited them into your wallets, passing the keys on a silver platter. The community of full node operators discusses various strategies for protecting community nodes from certain similar DDoS attacks in the future.

Currently, in the community of full node operators, various approaches are being discussed to improve the protection of public nodes from this kind of DDoS attack in the future.

In the community, IOTA has repeatedly warned users that when using online seed-phrase generators, they should change parts of them to avoid losing money. The developers of the project also repeatedly pointed out that these vulnerabilities are not related to IOTA technology and are associated only with seed generators.

Recall that in December IOTA denied information about the partnership with Microsoft, which caused a wave of criticism of the project. Its creators were accused of intentionally informing the wrong information to manipulate the market, and then had to refute it.

As for the theft of users' funds, earlier this month hackers withdrew $ 400,000 from the BlackWallet crypto in Stellar Lumen (XLM). To do this, they intercepted the DNS domain record of the wallet and redirected it to their server.

Information Source: CCN

What To Expect From A Cryptocurrency Market In 2020
Crypto market has always been a good target for speculation, shady schemes, and "bad guys". It's also very controversial, especially for financial...
Influence of Recent Cryptocurrency Boom: Does It Still Hurt?
Crypto Exchange Gate.io Agrees With Reports Showing 51% Attack On Ethereum Classic Bitcoin is a decentralized digital currency (also known as...
Cryptocurrency Exchange Security Levels
The growing interest in cryptocurrencies has led to the emergence of a wide selection of both digital money and the sites where you can exchange one...
Belarusbank Considers Setting Up Crypto Exchange
Last year March Belarus introduced a decree by which it legalized cryptos and some activities related to them. This made Belarus a frontrunner in the...
Nasdaq CEO Believes Cryptos Have Place in Future in Economy
Almost two months ago Nasdaq’s representative Joseph Christinat confirmed the rumours that in 2019 the American stock exchange might launch BTC...
Report: Leaders of South Korean Crypto Exchange Komid Face Jail After Fraud
This week the Asian crypto-market has been rich in the news. Earlier it was reported that Japan finally approved Coincheck’s official status as cyber...
Crypto-Expert Brian Kelly Says 2019 Will Bring No Approval to BTC ETF
For the past year, various ETF-projects have been failing to receive the green light from American regulators. And despite the bullish ambitions of...
Ethereum Classic 51% Attacker Reportedly Returned $100,000 to Exchange
Cyber money exchange Gate.io has informed the general public about the return of previously stolen $100,000 worth Ethereum Classic units. According...
Approved Coincheck & Scrutiny on DLT: Japan and China Move in Different Directions
Asian countries seem to go in different directions when it comes to the regulation of cryptos and blockchain. Two Asian tigers — Japan and China...
Tokenized Shares of Apple, Tesla and Netflix to be on Crypto-Exchange
A new trading platform will soon be launched by an Estonian regulated exchange DX.Exchange. The company will mock the mechanisms that the American...