A clever hacker made off with 4$ million worth of IOTA after setting up an phishing site for almost half a year.
To understand how the hack took place, we must first understand how users create a IOTA wallet. When you create a wallet you have to generate a string of random alpha numerical characters. This is the wallet's private key, also named seed. When users create a IOTA wallet, they are required to enter a seed of 81 characters long. One way to generate this seed is to use an online generator.
This is where the hacker registered the domain iotaseed.io and figured he could make a profit. He linked the website code to a GitHub repository, alleging the code was the very same running on the website. In reality, their were some clever modifications to the Notifier.js library, which loaded additional code. He coded the generator to always use a fixed seed and a plus counter variable that increases by one every time the generator is run. Making it easily reversible.
The hacker waited and collected private keys for six months and executed his scheme on January 19. He used to go by the nickname of Norbertvdberg and had profiles on Reddit, GitHub and Quora. They are all gone now.
its very difficult to be safe right now.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
HI,
Why would some one one do this, this is horrible.
4 Million , HOPE IT WAS WORTH IT.
:-(
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Yea.. He also used advertising to promote hes website as the top result in Google for "IOTA seed generator".
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Not good for the ones that lost out-
:-(
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Oh !!!
This days second news, wher peoppel loos mony!!!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit