Users of Bitcoin wallet Electrum are currently facing phishing attacks, according to the Devi Security Lab. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user is prompted to install this backdoor-carrying client, the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs (stolen by one user, antimalware firm Malwarebytes and Electrum) had been stolen in phishing attacks that faked Electrum upgrade tips, with a total value of approximately $11.6 million. It is worth mentioning that electrums below version 3.3.4 are vulnerable to such phishing attacks, and users of Electrum wallets are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the links in the prompts to avoid asset losses.
electrum android client
This "update prompt" is not an official act of Electrum, but a phishing attack by an attacker that exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). At the time of the madness, malicious ElectrumX servers accounted for as much as 71% of the total, and the show did not fully count that hundreds of bitcoins had been stolen in this phishing attack over the past year or so.
When Electrum wallets are synchronized with malicious servers, they are instructed to use a blacked-out version of the "update" client, which eventually results in the loss of funds contained in the older version.
Star Daily News Bitcoin Wallet Electrum official Twitter announced that the next version of Electrum will support Lightning online payments. Its lightning node implementation has been consolidated into the main branch of Electrum. Electrum also confirmed that the wallet will adopt a new implementation of in-house development written using Python. (Cointelegraph)
At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.
This makes Electrum by far the oldest wallet to use Lightning payment methods.
POSBakerz release tutorial: How to configure Cosmos on ledger Nano S.
Vulnerability 3 and 4: Confidentiality of data within the device (for Trezor One and Trezor T)
Ave temporarily overtook Compound to take second place in the DeFi Pulse Total Value Lockdown (TVL) rankings.
Electrum Litecoin Wallet review: Lightweight Litecoin customers.