Since the end of December, users of Bitcoin wallet Electrum have lost 771 BTCs (worth about $4 million) in phishing attacks, according to theenextweb.
We will continue to monitor and track further movements of funds after a recent user submitted a coin-losing incident claiming that the download used an Electrum wallet had been phishing attack, losing more than 700 bitcoins, and that the stolen address had been added to the Devi AML system. It is reported that malicious website (electrumsecure) fake E) fake Electrum website to carry out phishing attacks, guide users to download and use the wallet, in order to steal the user's private key and other sensitive data. Devi Security Labs is here to remind users not to install unknown sources of Electrum wallets, to avoid asset losses.
Electrum Phishing Update Event Alert.
Up to 55.97 percent, the anti-phishing website system successfully blocked more than 111832308 attacks redirected to phishing sites, up 35220650 from the previous reporting period.
Users of Bitcoin wallet Electrum are currently facing phishing attacks, according to the Devi Security Lab. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user is prompted to install this backdoor-carrying client, the private key is stolen and all digital assets are stolen. As of 13:00, at least 1450 BTCs worth approximately $11.6 million had been stolen from phishing attacks that forged Electrum upgrade tips. Devi Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released v4.0.0, and do not use the link in the prompt message to avoid asset losses.
Bitcoin Wallet Electrum users face phishing attacks, and when a user updates a client with a backdoor, the private key is stolen and 1450BTC has been stolen so far.
Electrum tweeted today about the incident, saying it was "a persistent phishing attack on Electrum users" and imploring users to check the effectiveness of the resources they log on to.
electrum website blocked due to phishing
The electrum and Electrum-LTC versions below 3.3.3 are vulnerable to phishing attacks in which a malicious server displays a message asking the user to download the fake Electrum. To prevent user exposure, versions older than 3.3 can no longer connect to public servers and must be upgraded. Do not download software updates from sources other than electrum.org and electrum-ltc.org.
Electrum developers are now warning about many other projects that try to clone popular wallets after the december announcement of a phishing attack. On January 10th they warned on Twitter that they were carrying out a sustained phishing attack on Electrum users, with rogue servers demanding that they install Bitcoin to steal malware. We released version 3.3.2, which mitigates attacks.
Electrum fakes upgrade tips for phishing attacks to steal at least 200 BTCs, and you need to be alert to such attacks.
The first hacking threat we talked about in his presentation was phishing, which is essentially an attempt by an attacker to trick users into handing over their login credentials through a fake legitimate website. For example, an attack on Bitcoin Lite Wallet Electrum falls into this category.
The Healthy Security Lab is concerned that Nearly 250 bitcoins have been stolen in a recent hacking attack on an Electrum wallet. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is an ongoing phishing attack on Electrum users and advised users to download wallet apps from the official website" and that The Healthy Security Lab advised users not to install an unknown source of Electrum wallets to avoid being tricked.