10/16
2020

electrum element, Encyclopedia.com

Users of Bitcoin wallet Electrum are currently facing a phishing attack, according to the Devi Security Lab. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install the backdoor-carrying client, the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth approximately $11.6 million had been stolen from phishing attacks that forged Electrum upgrade alerts. Devi Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released v4.0.0, and do not use the link in the prompt message to avoid asset losses.

Read All

10/16
2020

electrum installation usb ubuntu, How to Install Ubuntu Without USB

In practical testing, we found that some IoT devices automatically trust the USB device plugged into the device, and if certain properties are set, the plugged-in USB device also creates the installation directory name without the appropriate security checks. In addition, some installation procedures are performed through the system function in the C language, which can call some DOS commands so that a malicious USB device can set certain parameters for arbitrary command execution. Because the daemon of an IoT device runs as root, this means that an attacker can use a USB device and then pretend to execute commands from the user.

Read All