Lightweight Bitcoin Wallet Electrum announced that the next version will support Lightning network payments, implemented with Python, an electrum network node where wallet users do not need to run Lightning network nodes themselves to make payments, and electrum's Lightning network nodes have now been merged into the Electrum master branch.
From August to September, the Bitcoin wallet Electrum was phished twice by hackers. According to statistics from various parties, the phishing attacks forged Electrum upgrade notifications have stolen at least 1,450 BTC worth $11.6 million.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have "message defects" that allow an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing to the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. Here we remind users that when transferring money, special attention needs to be paid to whether the destination address has been replaced, which is a very popular method of currency theft recently. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.
Use BitHD shields and blades to prevent Electrum wallet "message defects" attacks.
Shunto touch melon, open the github of the electrum, we find the following code in the electrum/electrum/ecc.py.
Bitcoin Wallet Electrum confirms a phishing attack against its users, reminding them not to download Electrum Wallet software from any channel other than the official website. Earlier media reports said Electrum users had maliciously stolen millions of dollars worth of cryptocurrencies. Hackers create Electrum wallet software with malicious code, induce users to download, and trick users into providing login information such as passwords to commit theft.
Dash Electrum 3.2.3.1 was released, renamed Dash-Electrum, adding the option to use Tor Proxy at startup, according to Dash Coin. DASH is now trading at $159, down 3.26 percent.
It's not hard to run your own Electrum server and point your wallet to just use it. This restores Electrum to the point where it has the same privacy and security attributes as the full node, where no one else can see the address or transaction that the wallet is interested in. Electrum then becomes an all-node wallet.
The malware supports the theft of multiple digital wallets, including Ethereum, Multibit, Electrum, Armory, Bytecoin, Bitcoin, and more.
De-dimensional security: Bitcoin wallet Electrum was hacked and at least 1,450 BTCs were stolen.