by Avi Mizrah
January 22, 2018
The IOTA project is again the target of public anger and criticism. This time the issue is a feature of the technology that apparently allowed scammers to steal around $4 million from many unsuspecting users.
IOTA, the network behind the 11th most valuable cryptocurrency in the world by market cap (MIOTA), is coming under an attack on social media and community forums. The technology behind the project is accused of enabling an apparent exit scam or hack which cost users about $4 million, according to reports.
This is not the first time IOTA has come under attack. Back in December the project received a lot of public scorn for allegedly over hyping a “partnership” with Microsoft.
The IOTA wallet requires users independently generate their own seeds (private keys). Many users have relied on online key generators to do this, such as iotaseed.io.
If someone maliciously hacked into the online generator (or was behind it at the first place) they could just collect all the seeds IOTA users were getting from them and wait for the best time to strike. This apparently happened on Friday night, when a lot of funds started moving using stolen seeds. At the same time, whoever was behind the theft organized a distributed denial of service (DDoS) attack against some of the most popular IOTA full nodes, effectively preventing the victims from recovering their money.
While IOTA supporters explain that this is not a bug in the technology itself, which they say is still perfectly secure, critics aren’t buying it. For them depending on end users to generate the seeds is seen an easy attack vector for trouble makers, just asking to be exploited.