This update prompt is not an official act of Electrum, but a phishing attack by an attacker that exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). At the time of the madness, malicious ElectrumX servers accounted for as many as 71% of the total, and according to incomplete statistics, hundreds of bitcoins have been stolen in this phishing attack over the past year or so.
best server on electrum
Wallets that are widely used include Bitcoin Electrum, Ether Wallet, imtoken and Jaxx. The Privat Key for this type of wallet is in the user's own hands, more secure and easy to use. The limitation is that after the transaction signature is completed, the transaction is broadcast out or depends on the central node server, when the volume of business is large, the server performance overload, may cause the transaction can not be successfully sent.
To synchronize information on the Bitcoin blockchain, Phoenix Wallet connects to a random Electrum server. However, to provide greater confidence, it allows you to modify this connection, making it easier for you to connect to a trusted server or your own server.
Electrum is a popular software wallet that works by connecting to a dedicated server. These servers receive a hash of the Bitcoin address in the wallet and reply with transaction information. Electrum Wallet is fast and has few resources, but by default, it connects to these servers and can easily monitor users. In addition to Electrum, some other software uses public Electrum servers. By 2019, it is a faster and better alternative to BIP37.
On the server
In a forum post on Bitcointalk, website administrator Theymos explained: "If at any time in the past you've logged in to Electrum without a wallet password and opened a web page, your wallet might have been stolen." Particularly paranoid people may want to send all bitcoins (BTCs) from their old Electrum wallets to the newly generated Electrum wallet. "
Electrum DASH "PrivateSend" is on TestNet.
The Electrum team has also been developing other features. Electrum Wallet users can view the full release notes here.
Electrum is a well-known light wallet for Bitcoin that adds new features such as server authentication using SSL to prevent MITM attacks. So unlike other Bitcoin light wallets, Electrum cannot communicate directly with different versions of Bitcoin full nodes, and each startup connects to electrumserver to communicate, and electrum.
Users of Bitcoin wallet Electrum are currently facing a phishing attack, according to the Devi Security Lab. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install the backdoor-carrying client, the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth approximately $11.6 million had been stolen from phishing attacks that forged Electrum upgrade alerts. Devi Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released v4.0.0, and do not use the link in the prompt message to avoid asset losses.
According to the slow fog zone, the Phishing attack by Electrum forged upgrade tips has stolen at least 200 BTCs, and this attack cannot be avoided by upgrading Electrum alone, requiring the entire ecological service to make corresponding changes (because Electrum is not a full node, and then on the transaction broadcast and the corresponding server has a message communication, the attacker can also deploy a malicious server)
Like Bitcoin's core wallet, Electrum Wallet allows users to control their own funds and private keys. Electrum wallets' private keys can also be exported and used on other supported wallets to access funds. Electrum apps are available for Windows, Linux, OSX and Android, but do not support iOS and browser clients.
Bitcoin desktop wallet client Electrum has released a 4.0 beta version, adding several important updates, including support for the Lightning network, nearly a year after the previous version of Electrum, 3.3.8 (last July). In the 4.0 beta version, Electrum mainly added features such as PSBT (partially signed Bitcoin transactions), Lightning Network, watchtowers (暸 watchtowers) and Submarineswaps (subliminal switching). (Github)
Use the Electrum wallet.
On December 27, Reddit user u/normal_rc reported that Electrum's wallet had been hacked and that nearly 250 bitcoins (243.6 BTCs, nearly $1 million) had been maliciously stolen, coinelegraph reported. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.
It's not hard to run your own Electrum server and point your wallet to just use it. This restores Electrum to the point where it has the same privacy and security attributes as the full node, where no one else can see the address or transaction that the wallet is interested in. Electrum then becomes an all-node wallet.
Users of Bitcoin wallet Electrum are currently facing phishing attacks, according to the Devi Security Lab. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user is prompted to install this backdoor-carrying client, the private key is stolen and all digital assets are stolen. As of 13:00, at least 1450 BTCs worth approximately $11.6 million had been stolen from phishing attacks that forged Electrum upgrade tips. Devi Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released v4.0.0, and do not use the link in the prompt message to avoid asset losses.
server to communicate. At this point, a limited number of electrum server nodes are mixed with the hacker's malicous nodes.Download DOCX about best server on electrum, on electrum