Iota founder confirms he will repay victims of the hack for $ 1.97 million

On February 12, Iota (MIOTA) suffered an attack on its official desktop wallet. The Iota network went offline the same day and has been down since then.

On March 6, David Sønstebø, the founder of Iota, announced that he would repay in full all 46 victims of last month’s Iota hack, worth 8.52 million MIOTA – worth approximately $ 1.97 million at the time of writing.

Cointelegraph spoke directly to David, who confirmed that he will reimburse all affected users out of pocket and that the Iota Foundation is still on track to restart the network on March 10th.

He also shared the lessons he learned from hacking, the Iota team’s previous success in catching an Iota thief, and offering advice to budding crypto developers.

Cointelegraph: We see posts being passed around suggesting you are considering repaying those affected by the recent Iota hack out of your personal money. Could you confirm that these statements are authentic?

David Sønstebø: The news on Iota’s Discord is indeed authentic.

CT: Can you provide a brief overview of the hack and the events that led to it? e.g. How many Iota were stolen?

DS: The hack itself was on MoonPay’s infrastructure, but due to the way it was integrated into the Iota wallet, there was a vulnerability that was exploited by the hacker. The total amount of iotas withdrawn from the accounts was 8.52 ti.

CT: How many Iota users were affected by the hack? Do we know how many individual wallets have been stolen?

DS: 46 people were directly affected by the attacker, through quick action (including switching off the coordinator) by the Iota Foundation, we were able to prevent the attacker from stealing even more people. Two of the users had multiple seeds, i.e. around 50 individual wallets.

CT: What made you choose to reimburse users from your personal resources? Have other options been considered? How much will it cost you

DS: It’s simple: I didn’t start Iota with the aim of making myself or my co-founders rich. Because of this, we are the only project that does not have a pre-mine or special allocation of tokens of any kind; Iota is really basic. Our goal is to build the world’s first truly decentralized, scalable and toll-free DLT to catalyze a secure autonomous future and license-free innovation in a variety of industries. We are closer than ever to the very goal we set ourselves a few years ago. So I decided to use my personal holdings (which I haven’t touched in 2 years) to protect the Iota Foundation runway. In this way, we can continue to pursue this ambitious goal undeterred. I would like to emphasize that no individual within the organization is to blame for this and that I have never been as proud of the team we have built as I am now. It will cost about $ 2 million. This is definitely a lot of money, but if money was my main motive, the past 2 years have given me ample opportunity to maximize my profits. I didn’t have. For me the main goal is to shape this future based on our vision. Hopefully one day the perpetrator will be held accountable and the funds recovered. The chances are slim, but we’ve done it before.

CT: What would you say are the lessons you have learned from the experience?

DS: It was a haunting reminder not to compromise on security under any circumstances. This MoonPay vulnerability arose as a result of the Iota Foundation’s attempt to deliver on all fronts, including building one of the best wallets in the field. In retrospect, we should have had a lot more due diligence and stricter audit procedures and just more patience. I can assure you that this oversight will not be repeated and that IF has already entered into further collaborations with external auditing firms and has hired further security specialists [the Iota Foundation].

CT: Do you have any tips for small developers on how to stay safe?

DS: “Only the Paranoid Survive” is a good phrase to stick to when developing software. In addition, my advice would be never to give up; Everyone shits every once in a while, it’s all about how you react to the situation and what lessons you carry with you as you move on.

CT: What can we expect from Iota in the coming months?

DS: The Iota Project and Foundation are thriving and moving on all fronts faster than ever. There are significant updates to the protocol known as chrysalis. We also work with numerous companies to streamline Iota’s path to mass adoption. In fact, on the day of this attack, we launched Tangle EE, which was somewhat overshadowed by this unfortunate incident. It’s something that anyone interested in DLT should try.

CT: Is Iota still on track to restart the network on March 10th?

DS: Yes.

Comments are closed.