According to Bleeping Computer, the Bitcoin wallet app Electrom was on GitHub on May 9th, accusing a phishing product called Electrum Pro of stealing a user's seed key and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from Bitcoin URLs managed by Eletrum Pro.
According to Reddit user u/normal_rc, electrum's wallet was hacked and nearly 250 bitcoins (243.6 BTCs, nearly $1 million) were maliciously stolen, according to coinelegraph. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.
What is the difference between a public key and a private key?
Send the coin to another wallet for long-term bitcoin storage. There should be a full node behind the wallet, such as the Electrum node pointing to your own Electrum server.
The Electrum team has announced the attack in an official tweet, saying that "this is an ongoing phishing attack on Electrum users" and reminding them to check the authenticity of the client's source before logging in. The team published its official website, and the Electrum clients downloaded elsewhere may be problematic.
The Healthy Security Lab is concerned that Nearly 250 bitcoins have been stolen in a recent hacking attack on an Electrum wallet. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is an ongoing phishing attack on Electrum users and advised users to download wallet apps from the official website" and that The Healthy Security Lab advised users not to install an unknown source of Electrum wallets to avoid being tricked.
The attacker set up a large number of malicious servers. Once a user's Electrum wallet is connected to these servers, they see what appears to be an official message when they send a Bitcoin transaction, telling them to upgrade the Electrum wallet, which actually contains a fraudulent URL.
Hackers launched a denial-of-service (DoS) attack on a well-known wallet Electrum server, according to The Devi Security Lab. Hackers used botnets of more than 140,000 computers to attack Electrum nodes and simultaneously deployed malicious nodes. When a user connects to these malicious nodes and sends a transaction using an older version of Electrum, the user is prompted to update the client carrying the backdoor. If the user installs the client as prompted, the private key is stolen and all digital assets are lost. Millions of dollars of digital currency have been stolen, according to Electrum officials. De-dimensional Security Labs recommends that users of electrum wallets be updated to the latest version of the client through the official website and never use the link in the prompt message.
Turn on Electrum.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-sign wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have "message defects" that allow an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing to the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. Here we remind users that when transferring money, special attention needs to be paid to whether the destination address has been replaced, which is a very popular method of currency theft recently. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.
A new version of Electrum Wallet v0.18.16 was released.
Electrum client. A veteran security research expert told Hard Fork that if a user installs the problem version of Electrum.
Electrum LTC Wallet is a desktop-based cryptocurrencies wallet that supports Litecoin. Here are some aspects of wallets: Like its predecessor, Electrum- Bitcoin Wallet, open source wallets can be found on GitHub, where anyone can view or upgrade codes.
what is a public key on electrum
According to news on Reddit on December 27th, Electrum's wallet was hacked and nearly 250 bitcoins ($937,000) were maliciously stolen, coinelegraph reported. Electrum later confirmed that the attack included creating a fake version of the wallet and tricking users into providing password information. Reddit user u/ normal_rc that hackers set up a large number of malicious servers. Electrum responded on Twitter today that "this is a persistent phishing attack against Electrum users" and implored users to check the effectiveness of the resources they log on to.
Electron Cash is only a version of Electrum, so if you're used to Electrum, you won't have any problems.
To use mnomets to transfer addresses from electrum wallets to web wallets, you need to set Electrum to be compatible with Qtum phone mnomets in the initial installation (and then use phone wallet mnomets to restore phone wallets on Electrum). This setting is screenshot of the Electrum configuration.
The electrum and Electrum-LTC versions below 3.3.3 are vulnerable to phishing attacks in which a malicious server displays a message asking the user to download the fake Electrum. To prevent user exposure, versions older than 3.3 can no longer connect to public servers and must be upgraded. Do not download software updates from sources other than electrum.org and electrum-ltc.org.
$dir - "$homedir/.electrum/wallets"
On December 27th commentators reported on social media that a malicious group hacking the cryptocurrency wallet Electrum had stolen nearly 250 bitcoins ($937,000). It was later confirmed by Electrum that the attack included creating a fake version of the wallet and tricking users into providing password information. Hackers set up a bunch of malicious servers.
Electrum Litecoin maintains tamper-proof remote servers. All information is verified by Simplified Payment Verification (SPV). It provides full accessivity by allowing you to export the private key to other Litecoin clients.