On December 27, Reddit user u/normal_rc reported that Electrum's wallet had been hacked and that nearly 250 bitcoins (243.6 BTCs, nearly $1 million) had been maliciously stolen, coinelegraph reported. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.
The cryptocurrencies wallet Electrum was hacked and lost 250 bitcoins.
Electrum is one of the most popular Bitcoin wallets and now supports Lightning Network payments.
This isn't the first time Thatectrum has appeared in a fake version, with hackers developing a fake encrypted wallet, Electrum, in December, resulting in the theft of nearly 250 bitcoins worth about $1 million. In January, GitHub discovered a fake Electrum wallet called "Electrvm" designed to steal users' money. In February, users of encrypted wallets Electrum and MyEtherWallet reported that they were facing phishing attacks.
Electrum 0.18.8 is available for details at github.
Administrators can fix known security vulnerabilities by upgrading the VPN server system to the latest version with reference to the VPN vendor's upgrade plan. 2. Administrators restrict access to console management ports of VPN servers on the extranet or non-trusted IP, blocking intrusions by hackers against the VPN server management background. 3. Administrators strengthen account protection, the use of high-intensity high security level passwords, to prevent administrator passwords from being violently guessed. 4. VPN users avoid using VPN clients to connect to untrusted VPN servers. 5.VPN users use 360 Security Guards to fully detoxify all disks, turning on real-time protection against this vulnerability.
Users of Bitcoin wallet Electrum are facing a phishing attack, according to the Devi Security Lab. Hackers broadcast messages to the Electrum client through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install this "backdoor-carrying client", the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.
At this time, the SPV-based Electrum wallet became the new favorite of Bitcoin players. Especially for small partners who are new to Bitcoin, editors recommend using electrum wallets.
According to The Next Web, the attackers even implemented their own Electrum servers, which hosted the attacked Electrum.
When an Electrum wallet queries a third-party Electrum server, the server can link two transactions together and know which address is a zero address.