
Phishing attack on Electrum wallet sees over $900K in Bitcoin stolen


www.chepicap.com 27 December 2018 18:44, UTC

According to a post on Reddit, a new phishing attack has affected the Electrum wallet and seen user funds stolen to the tune of 243 BTC ($900,000 USD). The attack is perpetrated through malicious servers and a fake GitHub link. Only users who attempted to move funds while connected to the malicious servers have been affected.

According to Reddit, the attackers set up multiple servers that, when a user connected to one of them, caused the following error to appear:

Right off the bat, this has at least two red flags. One is that the link is not clickable, according to users, but must be copied and pasted into a browser. The second is that the GitHub link is not the official Electrum GitHub. At this point a wary user would probably stop to investigate further.
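The second red flag can be checked mechanically. The sketch below is an added example, not code from Electrum or from the original article: it treats server-supplied error text as untrusted and flags any link that does not point to an allowlisted origin. The allowlist (`electrum.org`, `download.electrum.org` and the `spesmilo/electrum` repository) is an assumption not stated on this page, and the sample messages and their host names are constructed.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Assumption (the page itself only carries a shortened link): the project's
# website and its source repository on GitHub.
OFFICIAL_HOSTS = {"electrum.org", "download.electrum.org"}
OFFICIAL_REPO = "/spesmilo/electrum"

# Matches links with or without a scheme, since the reported link was plain text.
CANDIDATE = re.compile(r"(?:https?://)?[^\s/]+\.[a-z]{2,}(?::\d+)?(?:/\S*)?", re.I)


def is_official(url):
    """True only for HTTPS links to an allowlisted host or the official repo."""
    if "://" not in url:
        url = "https://" + url
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    # Reject plaintext HTTP and the user@host trick that hides the real host.
    if parts.scheme.lower() != "https" or parts.username is not None:
        return False
    host = (parts.hostname or "").lower().rstrip(".")
    if host in OFFICIAL_HOSTS:
        return True
    if host == "github.com":
        # Normalise so "/spesmilo/electrum/../../other" cannot pass the prefix check.
        path = posixpath.normpath(unquote(parts.path)).lower() + "/"
        return path.startswith(OFFICIAL_REPO + "/")
    return False


def review_server_message(text):
    """Classify every link found in untrusted, server-supplied text."""
    findings = []
    for match in CANDIDATE.finditer(text):
        url = match.group(0).rstrip(".,;:!?)\"'")
        findings.append((url, "official" if is_official(url) else "UNTRUSTED"))
    return findings


# Constructed sample messages; the host names in them are placeholders.
SAMPLES = [
    "Outdated client. Download the update from https://github.com/example-org/electrum/releases",
    "New version available at https://electrum.org/#download.",
    "Please upgrade: electrum.org@updates.example/download",
]
```
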

Users who report continuing on were then prompted to install the "updated" Electrum client. The rest is what you would expect: after they installed the new software, which was really malware, their wallets were emptied.

It seems that the attacker has been pooling all funds to the following address, which at this time has amassed over 243 BTC.

The official Electrum Twitter account commented on the situation:

There is an ongoing phishing attack against Electrum users. Our official website is https://t.co/aHiZIZH54e Do not download Electrum from any other source. More on the attack here: https://t.co/x5mPVspKfO

— Electrum (@ElectrumWallet) December 27, 2018

As stated, only users who connected to these servers and then proceeded to follow the link have been affected. That being said, any users who use Electrum may want to watch and let this play out before attempting to move funds. As usual, stick with Chepicap for any updates!
