Shunto touch melon, open the github of the electrum, we find the following code in the electrum/electrum/ecc.py.
1, 2, 2a, and 2b in have been completed, respectively, with the new risk assessment model (see 2.5.5), increasing the return of risk assessers (see 3.2.4), removing the upgraded portion of the disclaimer (see 2.4.1), and simplifying insurance cost pricing (see 2.5.1)
Of course, there are wallets that are not designed according to BIP rules, such as Electrum, which was the first wallet to use mnic patterns, and the first determinative wallet, which was introduced in 2011, and later The micound rule BIP-39, which became a recognized industry standard with its widespread use. Electrum is similar to BIP-39's monemone rules, but BIP-39 uses a fixed set of 2048 thesavers, and Electrum uses a different thesaver, but is compatible with BIP-39's monemone thesaver, and the reverse is not compatible.
electrum 2.4.1 not connected
Electrum Wallet does not download external scripts. Even if your server is hacked, you won't lose money.
Lesson 1: Third-party Electrum servers can link your two transactions together. This can be avoided by running your own Electrum server, supported by your own full node.
Electrum third party.
The Healthy Security Lab is concerned that Nearly 250 bitcoins have been stolen in a recent hacking attack on an Electrum wallet. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is an ongoing phishing attack on Electrum users and advised users to download wallet apps from the official website" and that The Healthy Security Lab advised users not to install an unknown source of Electrum wallets to avoid being tricked.
The electrum and Electrum-LTC versions below 3.3.3 are vulnerable to phishing attacks in which a malicious server displays a message asking the user to download the fake Electrum. To prevent user exposure, versions older than 3.3 can no longer connect to public servers and must be upgraded. Do not download software updates from sources other than electrum.org and electrum-ltc.org.
According to The Next Web, the attackers even implemented their own Electrum servers, which hosted the attacked Electrum.
As of press time, phishing attacks that forged Electrum upgrade notifications have stolen at least 1,450 BTC (the number stolen is officially counted by a user, anti-malware companies Malwarebytes and Electrum), with a total value of approximately $11.6 million. It is worth mentioning that Electrum versions lower than 3.3.4 are vulnerable to such phishing attacks. Users who use Electrum wallets should update to the latest version Electrum 3.3.8 through the official website (electrum.org). At present, v4.0.0 has not been officially released. Version, please do not use the link in the prompt message to update, so as to avoid loss of assets
The problem was not fixed. So he had to contact Electrum to highlight the urgency of the issue, and Electrum released Emergency Response Version 3.0.4 a few hours later.
Electrum Wallet is one of the most popular Bitcoin wallets and has been around for several years. However, Electrum wallet users often rely on Electrum servers, which presents some security and privacy trade-offs. If you use electrum personal servers, Electrum wallet users can connect locally to their own private servers, enjoying the convenience of Electrum without any trade-offs.
Note: Electrum-XZC is derived from Electrum and uses different seed phrase criteria, so it cannot be imported.