According to the dimensionality reduction security laboratory (johnwick.io), hackers launched a denial of service (DoS) attack on the well-known wallet Electrum server. The hackers used a botnet of more than 140,000 computers to attack Electrum nodes and deployed malicious nodes at the same time . When users connect to these malicious nodes and use the old version of Electrum to send transactions
The Bitcoin desktop wallet client Electrum has released a beta version 4.0, which adds support for several important updates such as the Lightning Network. This version is nearly a year away from the previous version of Electrum 3.3.8 (July last year)
Original title: Slow Fog: Analysis of Pseudo Electrum Harpoon Fishing Attacks
A clone site masquerading as an Electrum SV wallet has emerged. The cloning site has nothing to do with electrum SV and is designed to steal tokens and create chaos in the BSV community.
Users of cryptocurrencies Wallet Electrum and MyEtherWallet are facing phishing attacks, according to posts posted on Reddit and Twitter on February 4. The MyEtherWallet team has issued a warning about phishing emails sent to users. Electrum also posted a warning on its website informing users that the electrum version, which predies 3.3.3, is vulnerable to phishing attacks. The company warned its users not to download software updates from other sources. (Cointelegraph)
In a Reddit post, a user named mrsxeplatypus warned users to watch out for an electrum malware version of the ad and described how the scam ad worked. According to reports, the malicious ad disguised as electrum ads, click on the ad, will start downloading EXE files. In fact, users go to the fake url elecktrum.org, not the electrum.org. Google is said to have taken steps to deal with the malicious ad.
Denley found extensions for wallet applications for different companies such as Ledger, Jaxx, Electrum, Meta Mask, and Exodus. He also revealed that hackers may not be as skilled as people think. Theft often doesn't happen immediately, which means that hackers may not have discovered how to do it automatically, but have to access each wallet separately.
Researchers at the popular Bitcoin wallet app Electrum have uncovered a malicious shanzhai act aimed at stealing seed keys. The suspicious shanzhai wallet, called Electrum Pro, appeared online in March and has been labeled malware since.
According to Johnwick.io, we will continue to monitor and track the further flow of funds after a recent user submitted a coin-losing incident claiming that the download used an Electrum wallet had been phishing and that more than 700 bitcoins had been lost, and that the stolen address had been added to the Devi AML system. It is reported that malicious websites (electrumsecure) fake Electrum website phishing attacks, to guide users to download and use the wallet, in order to steal the user's private key and other sensitive data. Devi Security Labs is here to remind users not to install unknown sources of Electrum wallets, to avoid asset losses. Electrum Official Website: electrum.org Electrum Phishing Website: electrumsecure.
In addition, U2F can complement the common two-factor verification scheme to provide a better experience for website users (google, Github, Dropbox, Docker Hub, Salesforce, etc.)