Europol, German, and British authorities have announced today the arrest of a British national who they believe is behind the theft of more than €10 million ($11.4 million) worth of IOTA cryptocurrency.
The man, whose name has not been released yet, is believed to be the main culprit behind a wave of IOTA thefts that occured in January 2018.
According to reports from last year, the hacker, who used the nickname of “Norbertvdberg’ while providing support online to other IOTA enthusiasts, set up the website iotaseed.io, which he advertised as a random seed (password) generator.
The site offered to help IOTA users to generate unique passwords that are compliant with the specifications of various IOTA wallet apps –seeds need to be 81-digit-long and use certain characters.
To convince users that his website was legitimate, the hacker linked to a public GitHub repository that claimed to contain the source code of the iotaseed.io service.
Unbeknownst to all the site’s users, this was a false claim, and according to an analysis from Alex Studer, a UK student, the code generated predictable passwords that the hacker was secretly logging.