Users of Bitcoin wallet Electrum are facing phishing attacks, according to Johnwick.io. Hackers broadcast messages to the Electrum client through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install this "backdoor-carrying client", the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.
Electrum and MyEtherWalle users face phishing attacks.
coinbase to electrum offline
On December 27, Reddit user u/normal_rc reported that Electrum's wallet had been hacked and that nearly 250 bitcoins (243.6 BTCs, nearly $1 million) had been maliciously stolen, coinelegraph reported. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.
When an Electrum wallet queries a third-party Electrum server, the server can link two transactions together and know which address is a zero address.
Maintenance and that all the "Coinbase-supported blockchains" may be offline.
As of press time, phishing attacks that forged Electrum upgrade notifications have stolen at least 1,450 BTC (the number stolen is officially counted by a user, anti-malware companies Malwarebytes and Electrum), with a total value of approximately $11.6 million. It is worth mentioning that Electrum versions lower than 3.3.4 are vulnerable to such phishing attacks. Users who use Electrum wallets should update to the latest version Electrum 3.3.8 through the official website (electrum.org). At present, v4.0.0 has not been officially released. Version, please do not use the link in the prompt message to update, so as to avoid loss of assets
Electrum uses the guide Qtum Electrum.
By default, electrum wallets are randomly connected to a set of Electrum servers. From a privacy perspective, this is not a good thing because it discloses your wallet address and balance to unknown third parties. And unfortunately, many public Electrum servers are run by individuals or groups of blockchain analytics companies or worse. Therefore, if you are using an Electrum wallet, it is generally recommended that you run your own Electrum server and then connect the wallet to that server.
Electrum tweeted today about the incident, saying it was "a persistent phishing attack on Electrum users" and imploring users to check the effectiveness of the resources they log on to.
Why use Electrum? Here are a dozen of the benefits of electrum wallets.
If you haven't set up Electrum Wallet to be compatible with your phone wallet, you can use the private key to recover the Electrum wallet on your web wallet. Select Wallet - "Private Key" - "Export" on the Electrum wallet and you will export the file qtum-electrum-private-keys.csv or copy only one private key. Select Recover from WIF on your web wallet, paste the private key, and select Confirm. Check that the wallet address is correct. You may need to use Dump as a Key File to save the key file.
In a recent announcement on Twitter, Electrum advised users to disable the automatic connection option and manually select a server, while the company is developing a more powerful Electrum.
Vulnerabilities were found in Electrum and Electrum-LTC. It has been fixed in Electrum-LTC 184.108.40.206. If you are running an earlier version, update your software.
Electrum is a well-known light wallet for Bitcoin that adds new features such as server authentication using SSL to prevent MITM attacks. So unlike other Bitcoin light wallets, Electrum cannot communicate directly with different versions of Bitcoin full nodes, and each startup connects to electrumserver to communicate, and electrum.
Qtum Electrum 0.18.4 released
Bitcoin Wallet Electrum Wallet was hacked and lost 1,450 BTCs.
Original title: Slow Fog: Analysis of Pseudo Electrum Harpoon Fishing Attacks
The problem was not fixed. So he had to contact Electrum to highlight the urgency of the issue, and Electrum released Emergency Response Version 3.0.4 a few hours later.