![]() Over at IOTA.FM we run six of the most popular fullnodes. At times, you couldn’t find a single public node, to successfully log into and move your funds before the attackers could do so. ![]() In doing so, they prevented the victims from rescuing their funds. In parallel, they orchestrated a distributed denial of service (DDoS) attack against many of the publicly known and popular IOTA fullnodes. Yesterday night, the thieves started moving funds from the stolen seeds to their own. ![]() The fact, that iotaseed.io is still online at the time of this writing might suggest that the site got compromised itself, and its not the folks behind the service who ran the attack. Chances are, the folks behind this and potentially other seed generators have sat tight for a while, collecting piles of seeds, though the actual numbers of users affected are not known to me. The IOTA Foundation has been emphasising the importance of keeping your seed ultra secure from the very beginning.īut still, users apparently got tricked into using shady online generators.įrom what I’ve heard, many users who lost their funds created their seeds at iotaseed.io (not linked here for obvious reasons). If you take only one thing away from this: Never, ever use online tools to generate your seeds. The root cause so this could happen was for users to rely on online generators to create their seeds. The good news: The IOTA technology is secure. The attacker did not leverage any vulnerability. On January 19th, 2018, some IOTA users lost their funds to an unknown attacker. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |