BITCOIN, Jan. 8 (Reuters) - Popular wallet developer Electrum has released an emergency patch for a key vulnerability in bitcoin wallets. The vulnerability allows any website hosting an e-wallet to potentially steal a user's cryptocurrency.
electrum bitcoin wallet backup
In August-September, Bitcoin wallet Electrum was hacked twice, and according to multiple sources, at least 1,450 BTCs worth $11.6 million were stolen from phishing attacks that faked Electrum upgrade tips.
Given that Monero's market capitalization is about 77 times that of Vertcoin, such an attack is not surprising.
The Electrum team has announced the attack in an official tweet, saying that "this is an ongoing phishing attack on Electrum users" and reminding them to check the authenticity of the client's source before logging in. The team published its official website, and the Electrum clients downloaded elsewhere may be problematic.
Electrum is a desktop Bitcoin wallet that supports multiple operating platforms. The German computer scientist designed efficient, lightweight features.
To accommodate the wider cryptocurrencies community, their token sales accept both Bitcoin, Litecoin, Dash and Bitcoin cash.
Planet Daily News Electrum is a world-renowned Bitcoin light wallet with a long history of supporting multi-signatures and a very broad user base, many of which like to use Electrum as a cold wallet or multi-sign wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a "message flaw" that allows an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may get a trick. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more.
"When I logged in, I immediately asked for my 2 Factor code, which I thought was a bit strange, electrum is usually only requested when you try to send it," one victim continued in another Reddit post.
According to Reddit user u/normal_rc, electrum's wallet was hacked and nearly 250 bitcoins (243.6 BTCs, nearly $1 million) were maliciously stolen, according to coinelegraph. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.
The last round of Bitcoin community allocation will be completed by the Bit Federal Reserve (UBTC) on January 3, 1818, and the Bit Fed has now launched three versions of its wallet and blockchain browser, core-qt, and electrum.