en
Back to the list

Phishing Attack on Electrum Wallet Nets Hacker Almost $1 Million in Hours, Report

Security

cointelegraph.com 27 December 2018 19:50, UTC
  
Reading time: ~2 m

A reportedly ongoing hack against cryptocurrency wallet Electrum has seen a malicious party steal almost 250 Bitcoin (BTC) (about $937,000), commentators reported on social media Dec. 27.

Subsequently confirmed by Electrum itself, the attack consists of creating a fake version of the wallet that fools users into providing password information.

“The hacker setup a whole bunch of malicious servers,” Reddit user u/normal_rc explained:

“If someone's Electrum Wallet connected to one of those servers, and tried to send a BTC transaction, they would see an official-looking message telling them to update their Electrum Wallet, along with a scam URL.”

Affected users report trying and failing to log in to their wallets after providing their two-factor authentication code — something Electrum does not in fact request during login. The hackers then empty the wallet balance.

“[W]hen I logged on it immediately asked me for my 2 factor code which I thought was a little strange as well as Electrum usually only asks for that when you attempt to send,” one victim continued in another Reddit post, adding:

“I kept trying to send and kept getting an error code ‘max fee exceeded no more than 50 sat/B [satoshis per byte]’ I then restored my wallet on a separate pc and found that my balance had been transferred out in full[.]”

According to u/normal_rc, several addresses are feeding into one main holding address, which currently contains 243 BTC.

Electrum posted about the incident on Twitter today, stating “[t]here is an ongoing phishing attack against Electrum users” and implored users to check the validity of the resource they were logging into.

“Our official website is https://electrum.org[.] Do not download Electrum from any other source,” the tweet continued.

Wallet hacks are less frequent than those afflicting online exchanges, several of which — most notoriously Japan’s Coincheck — have lost users hundreds of millions of dollars in 2018.


   Source
Back to the list

Similar news
Suggest news


Security
Hackers May Have Stolen 245 BTC From Electrum Wallet
usethebitcoin.com 29 December 2018 22:18, UTC
Security
Hackers Stole 200 Bitcoin in Electrum Wallet Hack
www.altcoinera.com 28 December 2018 13:39, UTC
Security
Phishing Attack on Electrum Wallet , 250 Bitcoins Lost
www.thecryptoupdates.com 28 December 2018 11:44, UTC
Security
Phasing Attack on Electrum Wallet Nets Hackers 202 BTC
www.cryptoglobe.com 28 December 2018 11:02, UTC
Security
Phishing Attack On Electrum Wallet. About 200 BTC Lost
bitnewstoday.com 28 December 2018 07:59, UTC
Security
Bitcoin Electrum wallet gets hacked for 200 btc in one week
www.chepicap.com 28 December 2018 05:48, UTC
Security
200+ Bitcoin Stolen From Electrum Wallet Users Via Hack
www.ethnews.com 27 December 2018 21:11, UTC
Security
Bitcoin Electrum Wallet Attacked: Hacker Steals 200 BTC
ethereumworldnews.com 27 December 2018 17:09, UTC