Hackers May Have Stolen 245 BTC From Electrum Wallet
Hackers could have stolen 245 Bitcoin (BTC) from the Electrum wallet network. A phishing attack could have managed to steal around $880.000 in BTC. The information was released by Electrum a few days ago on its official Twitter account.
Electrum Wallet Phishing Attack Affects 245 BTC
According to Electrum, there was an attack on its users where servers raise exceptions when a client broadcasts a transaction. After it, an error display is shown to the user. The message says that a security update is required. This error message says to the user that it should download a new version of the wallet. However, the file is just a malware.
There is an ongoing phishing attack against Electrum users. Our official website is https://t.co/aHiZIZH54e Do not download Electrum from any other source. More on the attack here: https://t.co/x5mPVspKfO
— Electrum (@ElectrumWallet) December 27, 2018
The message displayed to users reads as follows:
“This important security update provides a fix for transaction deserialization vulnerability and is recommended for all users. Transactions can only be sent after applying the update. Please visit the link below to find instructions on how o update to Electrum 3.4.1.”
According to the warning released by Electrum’s Github, the attacker created lots of servers to increase the chance a client would connect to him. Electrum made silent mitigations in 5248613 and 5dc240d. Additionally, they have also released 3.3.2 in order for the attacker to stop operating in the network. For some time, the hacker stopped, but he started once again.
A Reddit user has posted a Bitcoin address a few days ago, that seems to be the one that the attacker is using to steal the virtual currencies. If the address is the one used by the attacker, it might have stolen 245 BTC since then.
This is not the first time that there is such an attack in the crypto market. There have been several occasions in which an attacker has been stealing funds from users. According to the blockchain security firm CipherTrace, around $1 billion in virtual currencies have been stolen during 2018.
There are several different malware targeting crypto users. Several times, there are fake websites that imitate recognized exchanges. Furthermore, it is also possible for the victim to download a file and install a malware that would be used to steal users’ funds or ask for a ransom in Bitcoin (BTC) or other virtual currency.
Back to the list