Electrum used to be a development team that was responsible for driving early Sandworm activities, but in the CrashOverride event it also held development and operational roles. According to the data, Electrum caused a major power outage in Ukraine in 2016 with the ICS malware CrashOverride. Electrum is also described as an organization that "can develop malware and ICS protocols that can modify the processes of electrical devices"; however, the organization does not rely on exploiting vulnerabilities or zero-day vulnerabilities, but uses common exploits and methods to launch attacks. For example, the organization used Microsoft's database server as a gateway to commercial and industrial control networks, successfully compromising industrial control systems and using stolen credentials to execute code. As a result, Dragos believes that Electrum is one of the most capable and complex threat groups in the ICS industry today, and in its report it highlights that "North American power companies should view Electrum as a serious threat."
Users of the Bitcoin wallet Electrum are facing a phishing attack, according to the Dev Security Lab. Hackers broadcast messages to the Electrum client through a malicious server, prompting the user to update to v4.0.0. If the user follows the prompt and installs this "backdoor-carrying client", the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTC (stolen by one user, antimalware firm Malwarebytes and Electrum) had been stolen in phishing attacks that faked the Electrum upgrade prompt, with a total value of about $11.6 million. It is worth mentioning that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks. Users of Electrum wallets are asked to update to the latest version, Electrum 3.3.8, via the official website (electrum.org). v4.0.0 has not yet been officially released, so do not use the link in the prompt message to update, to avoid loss of assets.
Electrum and Electrum-LTC versions below 3.3.3 are vulnerable to phishing attacks in which a malicious server displays a message asking the user to download a fake Electrum. To prevent user exposure, versions older than 3.3 can no longer connect to public servers and must be upgraded. Do not download software updates from sources other than electrum.org and electrum-ltc.org.
Qtum Electrum synchronously updates Electrum-related code and releases v0.18.9.
The latest version of UBTC Electrum Light Wallet v3.2.8 is available.
You can use Security Seeds to recover your wallet on any Electrum client, even on the Electrum Wallet online web program.
Use BitHD shields and blades to prevent Electrum wallet "message defects" attacks.
Lightning support in Electrum has been around for a long time. Thomas Voegtlin, the founder of Electrum, first told CoinDesk last summer that Lightning would make it into the next version.
Electrum is a popular software wallet that works by connecting to dedicated servers. These servers receive a hash of the Bitcoin addresses in the wallet and reply with transaction information. The Electrum wallet is fast and uses few resources, but by default it connects to these servers, which can easily monitor users. In addition to Electrum, some other software uses public Electrum servers. As of 2019, it is a faster and better alternative to BIP37.
Hackers launched a denial-of-service (DoS) attack on the servers of the well-known wallet Electrum, according to Johnwick.io. Hackers used botnets of more than 140,000 computers to attack Electrum nodes and simultaneously deployed malicious nodes. When a user connects to these malicious nodes and sends a transaction using an older version of Electrum, the user is prompted to update to a backdoored client. If the user installs the client as prompted, the private key is stolen and all digital assets are lost. Millions of dollars of digital currency have been stolen, according to Electrum officials. De-dimensional Security Labs recommends that users of Electrum wallets update to the latest version of the client through the official website and never use the link in the prompt message.