$4 million IOTA stolen from wallets by a malicious seed generator

A malicious seed generator, the now offline "iotaseed.io," was able to steal around $4 million worth of IOTA from its users' wallets by collecting data, allowing someone who either ran or hijacked the website to cash out the wallets once they were filled out. The original website linked to a GitHub repository, complete with warnings to check the URL to avoid scammers and advising the user to use the website directly instead of downloading the code from GitHub, saying it is untested. When compared to the GitHub's files, the website loaded an extra JavaScript file containing malicious code. Generating a repeating series of numbers, this code caused the generated IOTA wallet seeds to always be the same.

The phishing website was eventually shut down and replaced with a screen that read, “Taken down. Apologies.” At this time, it is unclear if the code came from the GitHub repository's owner or if it had been hacked. IOTA founder David Sønstebø believes the generator was created as a "phishing website" and does not believe any actual hacking occurred.

New Russian law will limit cryptocurrency trading to authorized exchanges, users won't hold private keys
Houston Rockets beat Golden State Warriors 98-94, secure 3-2 lead in Western Finals
British Foreign Minister Boris Johnson has 18-minute phone call with prankster claiming to be Armenian PM
Assange's sanctuary in embassy said to be 'in jeopardy'
Mediterranean children are ditching famous local diet for sweets and junk food
She's always listening: Alexa recorded a private conversation and randomly sent it to a contact
After Trump-Kim summit canceled, White House gives 20% discount on the summit coins