electrum how to update, Electrum Unity App & Firmware Status Update

Analysis . . . Bitcoin wallet Electrum "update phishing" currency theft continues.

Electrum to Web Wallet.

Electrum to Web Wallet.

Popular wallet developer Electrum has released an emergency patch for a key vulnerability in its Bitcoin wallet. The vulnerability allows any website hosting electrum wallets to potentially steal a user's cryptocurrency. A vulnerability means that the password is exposed to the JSONRPC interface, implying that the hacker has full control over the wallet. The first patch failed to fix the problem, forcing Electrum to release a second update on Sunday night.

Millions of dollars of digital currency have been stolen, according to Electrum officials. Devi Security Labs recommends that users of Electrum Wallet update to the latest version of the client via the official website and never use the link in the prompt message.

Rusnak shows how to set up this feature with an Electrum wallet. If JavaScript is disabled in the browser, turn it on.

Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a message flaw that allows an attacker to send update prompts through a malicious ElectrumX server. This update prompt is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. In this slow fog remind users, transfer, need to pay special attention to whether the destination address is replaced, which is a very popular recent way to steal money. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.

Electrum tweeted today about the incident, saying it was "a persistent phishing attack on Electrum users" and imploring users to check the effectiveness of the resources they log on to.

According to the Dimensionality Reduction Security Lab, users of Bitcoin wallet Electrum are currently facing phishing attacks. The hacker broadcasts a message to the Electrum client through the malicious server, prompting the user to update to v4.0.0. If the user installs this "backdoor client" as prompted, the private key will be stolen, and all digital assets

electrum how to update

electrum how to update

According to The Next Web, the attackers even implemented their own Electrum servers, which hosted the attacked Electrum.

According to Reddit user u/normal_rc, electrum's wallet was hacked and nearly 250 bitcoins (243.6 BTCs, nearly $1 million) were maliciously stolen, according to coinelegraph. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.

In addition, small partners who have used Electrum wallets should be aware that with Thecret phrase generated by Electrum, we can recover bitcoin keys on any browser using the Bitcoin Wallet web tool. And Electrum is so secure that there is no evidence that the distributed attack prevention system designed by Dark Wallet will be due to Electrum.

Electrum Cash.

Electrum Cash.

A day after Ormandy's post, Electrum released a full update of version 3.0.5, which is now available from the official website.

In December 2018, Slow Fog first discovered and alerted an attacker to a messaging flaw using the Electrum wallet client, forcing an "update prompt" to pop up when a user transfers money, inducing the user to update and download the malware, which in turn commits a currency theft attack. Although electrum officials said in early 2019 that some security mechanisms would be in place to prevent this "update phishing", many users of Electrum are still in the old version (less than 3.3.4) and the old version is still under threat. However, we do not rule out a similar threat to the new version. Recently, slow fog technology anti-money laundering (AML) system through continuous tracking found that one of the attackers wallet address bc1qcygs9dl4pqw6atc4yqurzd76p3r9cp6xp2kny has stolen more than 30 BTC, the crime lasted six months, and recently is still active. We would like to remind Electrum users that the new version of Electrum in this Update Tip is likely to be false and that if installed, transfer Bitcoin out in another security environment in a timely manner. At the same time, we call on the vast number of cryptocurrencies exchanges, wallets and other platforms of the AML wind control system black and monitor such as the above Bitcoin address.

Users of Bitcoin wallet Electrum are currently facing phishing attacks, according to the Devi Security Lab. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user is prompted to install this backdoor-carrying client, the private key is stolen and all digital assets are stolen. As of 13:00, at least 1450 BTCs worth approximately $11.6 million had been stolen from phishing attacks that forged Electrum upgrade tips. Devi Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released v4.0.0, and do not use the link in the prompt message to avoid asset losses.

The Healthy Security Lab is concerned that Nearly 250 bitcoins have been stolen in a recent hacking attack on an Electrum wallet. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that it was an ongoing phishing attack on Electrum users and advised them to download wallets from the official website.

Attackers reportedly implemented a compromised version of their Own Electrum server hosting to enable hacking. When users synchronize their vulnerable Electrum wallet with a malicious server, they are instructed to "update" their clients with a hacker version, which can eventually result in the immediate loss of funds contained in older versions.

Now that we understand the benefits of Electrum, we can start using Electrum. Before use, prepare pens and paper to facilitate the recording of safety seeds.