After disabling Pay to IP, the Bitcoin community began adopting a new standard, P2PKH, full name Pay To Public Key.
Vulnerabilities were found in Electrum and Electrum-LTC. It has been fixed in Electrum-LTC 126.96.36.199. If you are running an earlier version, update your software.
If you haven't set up Electrum Wallet to be compatible with your phone wallet, you can use the private key to recover the Electrum wallet on your web wallet. Select Wallet - "Private Key" - "Export" on the Electrum wallet and you will export the file qtum-electrum-private-keys.csv or copy only one private key. Select Recover from WIF on your web wallet, paste the private key, and select Confirm. Check that the wallet address is correct. You may need to use Dump as a Key File to save the key file.
Hardware Wallet Support: We'll soon be implementing all the features of a mobile wallet in our desktop wallet, supporting Ledger's Nano S and Nano X, as well as Trezor's One and Model T. Hardware wallet support for liquid networks will also be scaled up (currently available on Ledger Nano S)
According to Bleeping Computer, the Bitcoin wallet app Electrom was on GitHub on May 9th, accusing a phishing product called Electrum Pro of stealing a user's seed key and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from Bitcoin URLs managed by Eletrum Pro.
Shunto touch melon, open the github of the electrum, we find the following code in the electrum/electrum/ecc.py.
A clone site masquerading as an Electrum SV wallet has emerged. The cloning site has nothing to do with electrum SV and is designed to steal tokens and create chaos in the BSV community.
To use mnomets to transfer addresses from electrum wallets to web wallets, you need to set Electrum to be compatible with Qtum phone mnomets in the initial installation (and then use phone wallet mnomets to restore phone wallets on Electrum). This setting is screenshot of the Electrum configuration.
Hackers launched a denial-of-service (DoS) attack on a well-known wallet Electrum server, according to Johnwick.io. Hackers used botnets of more than 140,000 computers to attack Electrum nodes and simultaneously deployed malicious nodes. When a user connects to these malicious nodes and sends a transaction using an older version of Electrum, the user is prompted to update the Backdoor Client. If the user installs the client as prompted, the private key is stolen and all digital assets are lost. Millions of dollars of digital currency have been stolen, according to Electrum officials. De-dimensional Security Labs recommends that users of electrum wallets be updated to the latest version of the client through the official website and never use the link in the prompt message.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a message flaw that allows an attacker to send update prompts through a malicious ElectrumX server. This update prompt is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. In this slow fog remind users, transfer, need to pay special attention to whether the destination address is replaced, which is a very popular recent way to steal money. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.