Popular wallet developer Electrum has released an emergency patch for a key vulnerability in its Bitcoin wallet. The vulnerability allows any website hosting electrum wallets to potentially steal a user's cryptocurrency. A vulnerability means that the password is exposed to the JSONRPC interface, implying that the hacker has full control over the wallet. The first patch failed to fix the problem, forcing Electrum to release a second update on Sunday night.
how do i buy bitcoin for my electrum wallet
11 years to listen to a friend said to buy Bitcoin can make a lot of money, when I do not understand financial management, just my father fried for many years of stock, immediately tell my father to buy Bitcoin, my father asked where to buy, I said there is on the Internet I do not know you search.
"I don't think I have to buy a hardware wallet, and the wallet app on my phone is enough." Zhang Cheng, who bought Bitcoin in June 2018 and is based in Ethereum, said he had invested about 20,000 yuan in cryptocurrencies.
Let's talk about how to pick up the BCC, for example, if you were using an Electrum wallet.
When project manager Sarah Blincoe talked about the ambitious plan, she asked a simple question - how do you give Bitcoin to as many people as possible? She explained that they planned to send an unknown amount of bitcoins to local residents by text message.
Popular BTC wallets are further broken down into web, mobile and desktop wallets. Examples of popular BTC wallets are Electrum (desktop) and ZenGo (mobile). Please note that mining software can be used with any type of Bitcoin wallet. However, the software must match the platform used. But with so much free and paid software, which is the best?
At current prices, do you jump happily at your net income: 800 W-500 W-3 W-297 W?
DvPDelivery versus Payment payment delivery.
According to Bleeping Computer, the Bitcoin wallet app Electrom was on GitHub on May 9th, accusing a phishing product called Electrum Pro of stealing a user's seed key and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from Bitcoin URLs managed by Eletrum Pro.
In December 2018, Slow Fog first discovered and alerted an attacker to a messaging flaw using the Electrum wallet client to force an update prompt to pop up when a user transfers money, inducing users to update and download malware to carry out a currency theft attack. Recently, slow fog technology anti-money laundering (AML) system through continuous tracking found that one of the attackers wallet address bc1qc... p2kny has stolen more than 30 BTCs for six months and has been active recently. Slow Fog alerts Electrum users to update prompts, the new version of Electrum in this update prompt is likely to be false, if installed, please promptly transfer Bitcoin out in another security environment. At the same time, slow fog called on the vast number of cryptocurrencies exchanges, wallets and other platforms of the AML wind control system black and monitor such as the above Bitcoin address. This update tip is a phishing attack by an attacker who exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). At the time of the madness, malicious ElectrumX servers accounted for as many as 71% of the total, and according to incomplete statistics, hundreds of bitcoins have been stolen in this phishing attack over the past year or so. Although in early 2019 Electrum officials have said they want to adopt some security mechanisms to prevent this kind of update fishing, such as: 1. Patch Electrum client does not display rich text, does not allow arbitrary messages, only strict messages; Patch ElectrumX server implementation detects Sybil Attack (i.e. witch attacks, malicious servers that send phishing messages) and no longer broadcasts them to clients; Implement blacklisting logic to alert malicious servers outside the Electrum client view; Promote social networking sites, websites, and all forms of communication that exist with users, who should always run the latest version and always only install from official sources (electrum.org), access through security protocols (https), and verify GPG signatures in advance. However, many users of Electrum are still in the old version (less than 3.3.4), the old version is still under threat, but slow fog does not rule out that the new version will have a similar threat.