IOTA Regains Majority of Last Year’s Hacked Coins

Last week, European law enforcement officials detained the main suspect in the big IOTA heist that happened in 2018 and cost the Foundation over $11 million. The agency also recovered the bulk of the coins stolen from users’ wallets. Europol, in cooperation with British and German police, tracked down a British resident who is allegedly responsible for stealing $11.34 million in IOTA coins last year.

IOTA Recovers All Stolen Funds From 2018 Hack – https://t.co/4LBQEtNH5Q

Last week, a UK national was arrested under suspicion of stealing €10 million ($11.34 million) in IOTA tokens.

IOTA Foundation has managed to recover roughly 99 percent of the cryptocurrenci… pic.twitter.com/yIhkfKuWIQ

— Scooblr (@Scooblr) January 31, 2019

According to a statement from Europol, the 36-year old man was arrested in Oxford, UK, under suspicion of fraud, money laundering, and stealing crypto assets from at least 85 victims since Jan 2018. His identity was not disclosed, though it is reported that, in the crypto community, he is known as ‘Norbertvdberg.’ Dominik Schiener, IOTA co-founder and co-chairman, stated that almost all if the hacked funds — about 99 percent of them — have been recovered. Luckily, cryptocurrency exchanges blocked the hacker’s accounts before he cashed out or transferred the coins. Schiener also added that only a minor part was still missing. However, the customers still can’t get their money back because the authorities now hold the recovered funds as evidence against the criminal.

Background

The investigation was launched in early 2018 when numerous investors reported stolen funds from their IOTA wallets. Initially, most cases were reported to German police but law enforcement agencies identified over 85 victims worldwide. They also found the source of the fraud — the malicious website Iotaseed.io — that offered seed generating services for IOTA wallets’ holders. The suspect was first tracked by German authorities back in July 2018 but he lived in the United Kingdom. Thus, Germany had to coordinate its actions with Europol’s European Cybercrime Centre and British investigators. Eventually, on Jan 23, the hacker was arrested. Now, he will be extradited to Germany to be brought before the court.

Bad Seeds

‘Norbertvdberg’ managed to benefit from the safety mechanism deployed by IOTA — which currently ranks 14th among the top cryptocurrencies. Its wallets are protected by an 81-digit security seed, which acts as a password or a private key. Online seed generators can create these seeds. Knowing this, the fraudster set up such a website offering to generate a random seed for IOTA wallets’ holders. IOTASeed.io indeed generated passwords — but it also kept records of these codes. The site operated for about five months to allow the hacker to collect enough private keys. Then he accessed people’s accounts and drained their funds. IOTA was not able to detect this illicit activity immediately because, at that time, it suffered a DDoS attack on its servers. Some now believe that this attack was also initiated by ‘Norbertvdberg’ to lay down a smoke-screen.

One Man Show

Cryptocurrency-related crime — which occurs during both bull and bear markets — has become a big problem. Darknet market activity keeps growing, even amidst the depreciation of digital currencies. However, IOTA’s story is notable for one aspect. According to recent findings of Chainalysis, a crypto-research company, today’s most successful modern crypto-criminals are not lone wolves but organized professional groups which committed most of the biggest hacks in 2018. Yet, ‘Norbertvdberg’ seemingly acted alone. Do you believe that lone crypto criminals might be more successful than organized groups? Let us know what you think in the comments below!