My old physics teacher always said: "It's the dumb criminals who get caught; you never catch the smart ones." He was a really smart guy, and he did live a nice lifestyle, hmmm...
Anyway, so IOTA. As with any digital currency, you need some random information - a passphrase typically - that is used when you create your wallet. In the case of IOTA, which is supposed to be IOT friendly, this means a string of 81 random characters, the generation of which could be pretty easily automated.
That's great, and the OSS world being full of helpful people, someone wrote a handy generator, put the code for all to see on GitHub, and put their generator onto a website where you could easily make use of it. Nice.
Actually, diabolical. The code on the website really was identical to the code on GitHub, except for one tiny, almost insignificant change: at some point, the owner swapped out the random seed to a value that he knew. Not even constant - that would have been too obvious - but known nonetheless.
And for many months, many people used his friendly little service. Until January 19th, when he emptied their IOTA wallets, erased his presence from the Interwebs, and quietly disappeared. $4 million or so richer.
This one won't be caught.
tl;dr for anyone who doesn't get it: The point of having a secret password, secret passphrase, or secret key is that it's secret. Which means that you don't have it generated for you by a public web service.
(Score: 2) by All Your Lawn Are Belong To Us on Thursday February 01 2018, @08:42PM
The real question being once this news broke, what happened to IOTA's coin price? Prices are down 21% so far in trading today.
Assuming the coin's already been traded off, the real loser is the exchange(s) who accepted the deal only to find their quote price 20% down from then.
Also, if it was the sum total of all Iota coins existing (the market cap was $6.4 million earlier today and is currently around $4.9 million. So the story is a little unclear to me if this was actually every Iota coin in existence or just a huge chunk of it,) then whoever got it all in exchange either has total control on the current supply or a market-making block of it.
This sig for rent.