Cryptocurrency wallet Electrum has become the new target of hackers. This time the attackers managed to steal approximately $ 243 bitcoins, which is about 937 thousand dollars on the current exchange rate. The project team confirmed information about the attack and has already taken appropriate measures. Phishing method is quite simple — the crooks were released into a network of fake version of the Electrum client, which steal user passwords.
A day without hackers
A Reddit user under the nickname u/normal_rc told about the scale of operations.
Hackers have created a network of servers with malware. If someone Electrum client joined one of these servers and tried to make a transaction in BTC, a user received the message on necessity of update of the wallet. In the message it was attended by a phishing link.
It is noteworthy that immediately after login Electrum requires that users enter the code two-factor authentication, which was later exploited by hackers.
When I entered the login and password wallet required me to spend two-factor authentication. I thought it was strange since Electrum only asks for the code when you try to send cryptocurrency.
A Reddit user also reported on another one.
I have several times tried to carry out the transaction and got the same error “max fee exceeded no more than 50 sat/B [some satoshis per byte]”. I then restored your wallet on another computer and saw that all my coins are gone.
According to u/normal_rc, all “extraction” of hackers flock to several locations, which then forwarded cryptocurrency in one wallet. There has already accumulated 243 of bitcoin.
Team Electrum today warned its users on Twitter and asked a few times to recheck the links those are included in your account.
There is an ongoing phishing attack against Electrum users. Our official website is https://t.co/aHiZIZH54e Do not download Electrum from any other source. More on the attack here: https://t.co/x5mPVspKfO
— Electrum (@ElectrumWallet) December 27, 2018
Our official web site https://electrum.org. Do not download wallet from any other sources.
Know about other cases of hacker attacks? Share information about them in our cryptodata.
SUBSCRIBE TO OUR CHANNEL IN THE TELEGRAM. THERE’S MORE INTERESTING NEWS.