Lesson 1: Third-party Electrum servers can link your two transactions together. This can be avoided by running your own Electrum server, supported by your own full node.
Users of Bitcoin wallet Electrum are facing a phishing attack, according to the Dev Security Lab. Hackers broadcast messages to the Electrum client through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install this "backdoor-carrying client", the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs (stolen by one user, antimalware firm Malwarebytes and Electrum) had been stolen in phishing attacks that faked Thelectrum upgrade tips, with a total value of about $11.6 million. It is worth mentioning that less than version 3.3.4 of Electrum is vulnerable to such phishing attacks, users using electrum wallets are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released v4.0.0, please do not use the link in the prompt message to update to avoid loss of assets.
Dynamic . . . Electrum and MyEtherWalle users face phishing attacks.
Bitcoin Wallet Electrum confirms a phishing attack against its users, reminding them not to download Electrum Wallet software from any channel other than the official website. Earlier media reports said Electrum users had maliciously stolen millions of dollars worth of cryptocurrencies. Hackers create Electrum wallet software with malicious code, induce users to download, and trick users into providing login information such as passwords to commit theft.
Dash releases Dash Electrum 220.127.116.11 version
Electrum Bitcoin Wallet uses seed phrases as a back-up. If the device is lost, this is a protection issue.
The person who first reported the Github vulnerability on November 24 explained: "When the electrum daemon is running, someone on a different virtual host on the Web server can easily access your wallet through the local RPC port. Currently, there is no secure authentication that allows people to access the wallet's RPC port. "
To use mnomets to transfer addresses from electrum wallets to web wallets, you need to set Electrum to be compatible with Qtum phone mnomets in the initial installation (and then use phone wallet mnomets to restore phone wallets on Electrum). This setting is screenshot of the Electrum configuration.
In a recent announcement on Twitter, Electrum advised users to disable the automatic connection option and manually select a server, while the company is developing a more powerful Electrum.
According to Bleeping Computer, the Bitcoin wallet app Electrom was on GitHub on May 9th, accusing a phishing product called Electrum Pro of stealing a user's seed key and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from Bitcoin URLs managed by Eletrum Pro.