Researchers find security flaws in IOTA cryptocurrency

Researchers at the Massachusetts Institute of Technology (MIT) and Boston University have released a report outlining security flaws in IOTA, a cryptocurrency that supports Internet of Things transactions. Currently the eighth largest cryptocurrency by market cap, IOTA worths over a billion dollars, and is working with entities like Microsoft, University College of London, and Cisco. Researchers explained that they were able to break the hash function used by IOTA as part of its digital signature scheme (which is used to ensure that funds can only be spent by rightful owners). They demonstrated how an attacker could forge a digital signature to steal users’ funds. The vulnerability was reported to the IOTA team in July, and a patch was issued in August. While the vulnerability is no longer present in IOTA, researchers have published their findings to draw attention on the fact that organisations need to vet technologies before they partner with them.