IOTA Seed Generator Scam Site
4 min read

IOTA Under Fire For Reliance on User Seed Generation

By Editorial Team

IOTA has been making news recently as it has chalked up impressive partnership deals with partners including Bosch in Germany.

However, it is now been attacked on social media and by a number of users because of a particular issue that relates to its wallet security. This has already resulted in almost $4m in IOTA been stolen from holders.

The problem came from the fact that IOTA has had to rely on the users to create their own seeds for their wallets. This can be seen below by the instructions of the type of seed they require.

IOTA Seed Generation Instructions
Instructions for Generating an IOTA Seed. Source: iota.org

For the more technically inclined users, this could be done using the command line tools described. However, many of the newer less technical users resorted to online seed generators.

Of course, this is something that the scammers know themselves all too well. This is where things went wrong for these unfortunate users.

The Power of a Seed

Fake IOTA Seed Generator
Fake IOTA Seed Generation Website

The seed words are arguably the most important pieces of data for any cryptocurrency. They are essentially the master keys to the safe that is your wallet. Hence, in the hands of someone else, your crypto is in their hands.

In the case of the latest IOTA seed scam, the hackers relied on the websites that created the seed phrases for use in the wallets. They had either created these sites from the beginning or they had taken over control of a legitimate website.

The hackers had successfully sucked up a great deal of wallet seed phrases from these crypto users. An example of one of these sites is iotaseed.io. When you visit the site in question you can see that the page has been taken down.

The Co-ordinated Attack

Given that the hackers now had all of the seeds for the unsuspecting victims, they had to strike and attack the unsuspecting victims. It appears that they chose Friday night as the most effective time to do this.

The hackers also wanted to make sure that they had effectively covered their tracks. Hence, they decided to launch a wide scale Dedicated Denial of Service (DDoS) attack on some of the most used IOTA nodes on the network.

This DDoS effectively brought massive strain on the network for a period of time. This meant that the users were not able to stop the attackers and they were able to make a clean break with the stolen funds.

In total, the hackers were able to make away with a pretty sizable chunk of IOTA valued at just less than $4m at the prices prior to the hack. Clearly there were those who were not happy with this as demonstrated with the below tweets.

The IOTA development team moved quickly to make sure that no one made use of these websites by issuing a PSA on reddit. However, this came too late for many as their IOTA tokens started to flow out of their wallets.

User Error or Design Flaw?

While many in the IOTA community tend to agree that this was in essence a user error, one has to question the foresight of having a wallet that requires users to generate their own seeds. Such important information should not be left to fundamental error.

Moreover, this is not the first time that IOTA has faced criticism of its technology. The most notable example was the research that was done by a MIT team that disclosed the hashing function vulnerability.

When these were disclosed, the IOTA foundation actually threatened to sue the researchers and accused them of trying to needlessly attack the IOTA project.

This is unfortunate as these particular criticisms are helpful to improve security. The costs and efforts of addressing concerns in the community are much less than the damage caused by security issues such as this one.

Featured Image via Fotolia

Editors at large. Posting the latest news, reviews and analysis to hit the blockchain.
View all posts by Editorial Team -> Best Crypto Deals ->

Latest Posts

Huobi Global Review
Huobi Global Review 2022: Good Exchange with DEEP Liquidity
Huobi Global Review

Huobi Global Review 2022: Good Exchange with DEEP Liquidity

June 29, 2022 37 min read
FTX vs FTX US Review
FTX vs FTX US: Which one is BEST for You?
FTX vs FTX US Review

FTX vs FTX US: Which one is BEST for You?

June 27, 2022 14 min read
Bancor Review
Bancor Review: Impermanent Loss Protector?
Bancor Review

Bancor Review: Impermanent Loss Protector?

June 22, 2022 15 min read
Bridge Mutual Review
Bridge Mutual: Insurance for your Crypto
Bridge Mutual Review

Bridge Mutual: Insurance for your Crypto

June 22nd, 2022 22 min read
Serum Review
Serum Review: Solana’s One-Stop DeFi Toolbelt
Serum Review

Serum Review: Solana’s One-Stop DeFi Toolbelt

June 16, 2022 17 min read
Raydium Review: Solana’s DeFi Liquidity Mammoth

Raydium Review: Solana’s DeFi Liquidity Mammoth

June 11, 2022 17 min read
crypto com
Crypto.com Exchange Review 2022: A World-Class Crypto Exchange
crypto com

Crypto.com Exchange Review 2022: A World-Class Crypto Exchange

June 14th, 2022 30 min read

Related Posts

Huobi Global Review
Huobi Global Review 2022: Good Exchange with DEEP Liquidity
Huobi Global Review

Huobi Global Review 2022: Good Exchange with DEEP Liquidity

June 29, 2022 37 min read
FTX vs FTX US Review
FTX vs FTX US: Which one is BEST for You?
FTX vs FTX US Review

FTX vs FTX US: Which one is BEST for You?

June 27, 2022 14 min read
Bancor Review
Bancor Review: Impermanent Loss Protector?
Bancor Review

Bancor Review: Impermanent Loss Protector?

June 22, 2022 15 min read
Bridge Mutual Review
Bridge Mutual: Insurance for your Crypto
Bridge Mutual Review

Bridge Mutual: Insurance for your Crypto

June 22nd, 2022 22 min read
Serum Review
Serum Review: Solana’s One-Stop DeFi Toolbelt
Serum Review

Serum Review: Solana’s One-Stop DeFi Toolbelt

June 16, 2022 17 min read
Raydium Review: Solana’s DeFi Liquidity Mammoth

Raydium Review: Solana’s DeFi Liquidity Mammoth

June 11, 2022 17 min read
Top Desktop Crypto Wallets
The 8 Best Desktop Wallets in 2022
Top Desktop Crypto Wallets

The 8 Best Desktop Wallets in 2022

May 30, 2022 16 min read