Hackers has reportedly broke into an online IOTA seed generator website iotaseed.io and have made away with over four million US dollars worth of IOTA tokens.
Unlike Bitcoin and some other cryptocurrencies, the procedure of generating seeds for a new IOTA wallet is quite a hard task for some users. An IOTA holder is required to provide a string of 81 characters that they could use to access the wallet.
Although there are others ways to generate the character strings via offline resources, which include creating a key using Linux or Mac terminals. However, the process is quite a cumbersome task for some to carry out.
This has made many holders of the IOTA token to generate seed through online websites like the now hacked iotaseed.io.
The site has now gone offline leaving only a message that reads: “Taken down. Apologies.” After the Incident, a key member of the IOTA Evangelist Network, Ralf Rottmann, took to Medium to explain that the seed generator site might have been the target of a DDOS attack and it’s probably not not the owners of the website that stole people’s funds.
“From what I’ve heard, many users who lost their funds created their seeds at iotaseed.io. chances are, the folks behind this and potentially other seed generators have sat tight for a while, collecting piles of seeds, though the actual numbers of users affected are not known, the fact, that iotaseed.io is still online at the time of this writing might suggest that the site got compromised itself, and it’s not the folks behind the service who ran the attack.” He said.
The IOTA team has been warning IOTA users to desist from generating seeds through online generators. The IOTA community has made it clear to the world that this latest hack has nothing to do with IOTA’s technology.
“The attackers knew the seeds. You invited them into your wallet, by handing them your keys on a silver platter. And once again: do not use online seed generators. Generating an IOTA seed in a secure, completely offline fashion is the best protection you can get.” Rottman said.
The IOTA project has passed through a lot of challenges in recent times. From the issues of vulnerabilities on its platform to deceptive marketing strategy and now to this latest hack.