The hacker who had managed to steal over €10 million worth of IOTA tokens from numerous users was arrested by the European Union Agency for Law Enforcement Cooperation (Europol). In order to pull off the theft, the cybercriminal created a fake random seed password generator for IOTA users.
Over 80 people had fallen victims to the fraudulent scheme before the hacker was finally arrested in Oxford, UK.
The thefts started back in January 2018 by a hacker under the pseudo-name Norbertvdberg, under the impression of providing assistance to other IOTA users.
According to Europol, the cybercriminal set up a website named iotaseed.io. The malicious service was disguising itself as a password generator for IOTA wallet users. It offered its potential victims to generate unique 81-digit-long passwords compliant with various IOTA wallet applications.
In order to trick his victims, the hacker had even created a GitHub repository claiming to contain the source code for the iotaseed.io. The malicious service was, nevertheless, creating easily predictable passwords thus providing the hacker with an easy access to user wallets.
Norbertvdberg had been maintaining his trap operational since August 2017 till January 2018 when he began stealing funds from gullible users’ wallets.
Initially, the thefts were going undetected due to simultaneous DDoS-attacks against IOTA servers, which diverted the administration’s attention from the fraudulent transactions. Eventually, users started discovering their financial losses and filing reports with the law enforcers. This was followed by the German police initiating the investigation on the matter.
The hacker attempted to delete all his social media and GitHub accounts, but the police was still able to get lead on him in July 2018. The suspect was finally arrested in the U.K. on charges of fraud, theft and money laundering.
Back in May 2018, Bavarian authorities auctioned off confiscated cryptocurrency worth of €12 million.
The cryptocurrency amount was seized during the criminal proceedings against the online platform Lesen und Lauschen which had been offering over 200 000 electronic an audio books for negligible fees of several cents.
In November, Bulgarian law enforcers arrested three suspects in a theft of $5 million worth in crypotcurrencies.