bitcoin private electrum server, What Umbrel Did.

Researchers at the popular Bitcoin wallet app Electrum have uncovered a malicious shanzhai act aimed at stealing seed keys. The suspicious shanzhai wallet, called Electrum Pro, appeared online in March and has been labeled malware since.

According to the Dimensionality Reduction Security Lab, users of Bitcoin wallet Electrum are currently facing phishing attacks. The hacker broadcasts a message to the Electrum client through the malicious server, prompting the user to update to v4.0.0. If the user installs this "backdoor client" as prompted, the private key will be stolen, and all digital assets

Users of Bitcoin wallet Electrum are facing phishing attacks, according to Johnwick.io. Hackers broadcast messages to the Electrum client through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install this "backdoor-carrying client", the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.

Electrum is a well-known light wallet for Bitcoin that adds new features such as server authentication using SSL to prevent MITM attacks. So unlike other Bitcoin light wallets, Electrum cannot communicate directly with different versions of Bitcoin full nodes, and each startup connects to electrumserver to communicate, and electrum.

Electrum's ElectrumX performs better than a personal Electrum server and includes a P2P exploration protocol that enables the wallet app of the average user to automatically find and connect to the server. These features make it a great solution for setting up public Electrum servers.

Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a message flaw that allows an attacker to send update prompts through a malicious ElectrumX server. This update prompt is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. Slow fog reminds users that when transferring money, special attention needs to be paid to whether the destination address is replaced, which is a very popular method of currency theft recently. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.

June 28 (Xinhua) -- Bitcoin desktop wallet client Electrum has released a 4.0 beta version, adding several important updates to support the Lightning network. Electrum primarily adds features such as PSBT (partially signed Bitcoin transactions), Lightning Network, watchtowers (暸 watchtowers), and Submarine Swaps (subliminal switching).

Users of Bitcoin wallet Electrum are currently facing phishing attacks, according to the Devi Security Lab. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user is prompted to install this backdoor-carrying client, the private key is stolen and all digital assets are stolen. As of 13:00, at least 1450 BTCs worth approximately $11.6 million had been stolen from phishing attacks that forged Electrum upgrade tips. Devi Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released v4.0.0, and do not use the link in the prompt message to avoid asset losses.

Users of Bitcoin wallet Electrum are currently facing phishing attacks, according to the Devi Security Lab. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user is prompted to install this backdoor-carrying client, the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs (stolen by one user, antimalware firm Malwarebytes and Electrum) had been stolen in phishing attacks that faked Electrum upgrade tips, with a total value of approximately $11.6 million. It is worth mentioning that electrums below version 3.3.4 are vulnerable to such phishing attacks, and users of Electrum wallets are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the links in the prompts to avoid asset losses.

step, install the Electrum Bitcoin wallet.

step, install the Electrum Bitcoin wallet.

Hackers have launched a denial-of-service (DoS) attack on a well-known wallet Electrum server, according to Johnwick.io. Hackers used a botnet of more than 140,000 computers to attack Electrum's nodes and simultaneously deployed malicious nodes. When a user connects to these malicious nodes and sends a transaction using an older version of Electrum, the user is prompted to update the Backdoor Client. If the user installs the client as prompted, the private key is stolen and all digital assets are lost. Millions of dollars of digital currency have been stolen, according to Electrum officials.

Slow fog alert: Bitcoin wallet Electrum "updates phishing" currency theft continues.

Electrum (Ready)

Electrum (Ready)

In addition, Ivgi provides a plug-in that simplifies the process of setting up BWT with the Electrum client, and can also be used with other wallets that support the Electrum server protocol, such as Edge, Blue Wallet, Eclair Mobile, and Phoenix.

Lightweight Bitcoin Wallet Electrum announced that the next version will support Lightning network payments, implemented with Python, an electrum network node where wallet users do not need to run Lightning network nodes themselves to make payments, and electrum's Lightning network nodes have now been merged into the Electrum master branch.

Electrum-LTC is Electrum's community maintenance port, Litecoin's Bitcoin wallet. It is not the official product of Electrum Technologies GmbH, and it is not supported.

Malicious wallet software: A wallet software that sends a private key to a central server to steal the victim's coins. "Electrum Pro" is a notorious example, however.

Slow Fog Alert: The world's leading bitcoin wallet Electrum updates the phishing theft continues.

According to security firm Slow Fog, the current latest version of Bitcoin Light Wallet Electrum is 3.3.8, while previous versions of 3.3.4 are known to have "message defects" that allow attackers to send "update prompts" over a malicious ElectrumX server. This "update tip" is very confusing to the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. User feedback because of this attack, stolen bitcoins in more than four digits.

Electrum personal server.

Electrum personal server.

You can see that the user can manually specify to connect to their own electrumserver. But most users don't understand the principle and don't build their own electrum server.

Although we recommend that individual users set up their own Electrum server, you can also use the official Blockstream Electrum server if you prefer, and the table below contains details of the connection. The server operates on the same principle as Blockstream Explorer: no logs, no traceability, and Tor support.