Europol has nabbed a shyster from the UK who managed to steal approximately €10 million ($11.37 million) of the IOTA cryptocurrency. The European police department said in a news release on its website that the individual was taken down in conjunction with the UK’s South East Regional Organized Crime Unit (SEROCU), along with help from Germany’s Hessen State Police and the National Crime Agency of the UK. He is suspected of money laundering, theft and fraud as a result of his illicit activities.
The joint operation was conducted following an investigation that began after around 85 victims from around the world had their IOTA assets stolen beginning in January of last year. The Hessen State Police initiated the investigation after several Germans had reported the theft of their assets and determined that the activity was tied to a fraudulent website, Iotaseed.io.
IOTA is meant to provide a greater level of security to crypto wallets. Users must use an 81-digit seed that can be generated using seed generators available online. Iotaseed.io was supposedly one of these generators but, in reality, was a scam site that allowed the crook to gain access to the wallets.
In July of last year, the German police were able to follow trails to the suspected thief in the UK. The authorities turned over the case to Europol’s Joint Cybercrime Action Taskforce (J-CAT), which is hosted at the European Cybercrime Centre of Europol, and analysts were able to support the initial findings, leading to J-CAT coordinating “the international cooperation between the different EU Member States involved.”
Europol adds, “In addition, an operational meeting was organised at Europol’s headquarters between German and British investigators and Europol’s EC3. The meeting proved to be an invaluable asset for the smooth exchange of intelligence and evidence between the German and British authorities, which has led to this arrest.”
SEROCU arrested the unidentified 36-year-old con artist following a raid of an address in Oxford, UK. In addition to the arrest, “a number of computers and electronic devices were also seized.”
In conducting his scam, the thief, identified in a report by ZDNet as going by the nickname “Norbertvdberg,” tied his activity to a public GitHub repository that reportedly contained the source code of the iotaseed.io service. In actuality, the code generator simply used the Math.seedrandom function that the seed generators use and affixed a sequential number to the provided seed, allowing the fraudster to easily gain access to the wallets.
GitHub is an invaluable tool for crypto developers and users. However, it has started to develop a darker side lately as it is becoming inundated with malfeasance. One study recently discovered that the popular repository is rife with crypto malware and, as is the case with any platform or service, caution needs to be exercised when accessing data stored on the site.
New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.
