Electrum Wallet Attack May Have Stolen As Much as 245 Bitcoin

Bitcoin Electrum Wallet Attacked Hacker Steals 200 BTC

According to emerging reports, the popular Bitcoin wallet software Electrum has been attacked, costing those affected over $750,000 worth of Bitcoin.

The app, which closely resembled its bona fide counterpart, was exposed as an attack vector that malicious individuals can exploit, stealing Bitcoin private keys in the process.

The news of the attack first appeared on GitHub via one of Electrum's developers, who goes by the handle SomberNight. The attack reportedly began on December 21 and stopped after GitHub admins took down the attackers' repository.

To acquire users' bitcoin, the attacker added several malicious servers to Electrum's network.

Some users even manually copied and pasted the link provided in the error message and downloaded the malicious update via that route. After downloading the app, the user logged back in, and the system asked them for their 2-factor authentication (2FA) code. This is unusual, because Electrum normally asks for 2FA only when a user is attempting to send funds to a recipient, not when starting up the wallet. This code would then be used to make a legitimate transaction to the attacker's wallet.

The user made multiple attempts to send their BTC, and each time got an error message saying, "max fee exceeded no more than 50 sat/B".

Bitcoin Wallet Malware Scam Targets Electrum Users And Garners Over 200BTC

CasaHodl CTO Jameson Lopp, a veteran software developer, explained that users who connect to their own Electrum server were unaffected by the hack.

"A sybil + malware attack is ongoing against Electrum Wallet users," he cautioned on Twitter. For now, GitHub admins have removed the fraudulent repo, but there are concerns that the same scam could be repeated using a link to a different repository or an alternative download source.

After receiving news of the attacks, the Electrum team responded by silently updating the Electrum wallet app so that these messages no longer render as rich HTML text.

"We did not publicly disclose this [attack] until now, as around the time of the 3.3.2 release, the attacker stopped..."

A more permanent solution would be to eliminate the ability to send customized error messages. This would prevent hackers from being able to send error codes that the wallet can decode into a message advising a specific action. Other reports indicate that the attack garnered 250+ BTC for hackers, but these numbers haven't been confirmed.
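The two mitigations described above, sketched in Python as an added example (this is not Electrum's code; the function names, error codes and sample message are hypothetical and constructed for illustration). `render_plain` corresponds to the interim fix of showing server text only as inert plain text, and `render_fixed` to the permanent fix of ignoring server-supplied text entirely:

```python
import html
import re

# Hypothetical client-side table: the wallet, not the server, owns the wording.
KNOWN_ERRORS = {
    1: "The server rejected the transaction.",
    2: "The transaction fee is outside the accepted range.",
}
GENERIC = "The server returned an error while broadcasting the transaction."

_TAG = re.compile(r"<[^>]*>")
_URL = re.compile(r"\b(?:https?://|www\.)\S+", re.IGNORECASE)
_CTRL = re.compile(r"[\x00-\x1f\x7f]")


def is_suspicious(server_msg):
    """Flag server text carrying markup or links, e.g. for client-side logging."""
    return bool(_TAG.search(server_msg) or _URL.search(server_msg))


def render_plain(server_msg, limit=200):
    """Interim fix: reduce untrusted server text to inert plain text."""
    text = _TAG.sub("", server_msg)            # drop markup instead of rendering it
    text = _URL.sub("[link removed]", text)    # users also copy-pasted bare links
    text = _CTRL.sub(" ", text)                # no newlines or control characters
    # Escape what is left so a widget that auto-detects markup shows it literally.
    return html.escape(text[:limit].strip())


def render_fixed(code):
    """Permanent fix: ignore server text; map a numeric code to a local string."""
    if not isinstance(code, int) or isinstance(code, bool):
        return GENERIC                         # malformed or unexpected code type
    return KNOWN_ERRORS.get(code, GENERIC)


if __name__ == "__main__":
    # Constructed sample of a server-supplied "error" that is really a lure.
    sample = ('Update required: <a href="https://example.invalid/wallet">'
              'download here</a> or visit https://example.invalid/wallet')
    print(is_suspicious(sample))
    print(render_plain(sample))
    print(render_fixed(2))
    print(render_fixed({"message": sample}))
```
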

Despite the slowdown, Electrum's admins believe the attack will continue in the near future, as soon as the attacker gets a new download location for the malicious files. In September, Bitcoinist reported on the use of fake websites in Singapore to steal credit card information.
