The Electrum team has announced the attack in an official tweet, saying that "this is an ongoing phishing attack on Electrum users" and reminding them to check the authenticity of the client's source before logging in. The team published its official website, and the Electrum clients downloaded elsewhere may be problematic.
Electrum Wallet is one of the most popular Bitcoin wallets and has been around for several years. However, Electrum wallet users often rely on Electrum servers, which presents some security and privacy trade-offs. If you use electrum personal servers, Electrum wallet users can connect locally to their own private servers, enjoying the convenience of Electrum without any trade-offs.
Send the coin to another wallet for long-term bitcoin storage. There should be a full node behind the wallet, such as the Electrum node pointing to your own Electrum server.
Hackers launched a denial-of-service (DoS) attack on a well-known wallet Electrum server, according to The Devi Security Lab. Hackers used botnets of more than 140,000 computers to attack Electrum nodes and simultaneously deployed malicious nodes. When a user connects to these malicious nodes and sends a transaction using an older version of Electrum, the user is prompted to update the client carrying the backdoor. If the user installs the client as prompted, the private key is stolen and all digital assets are lost. Millions of dollars of digital currency have been stolen, according to Electrum officials. De-dimensional Security Labs recommends that users of electrum wallets be updated to the latest version of the client through the official website and never use the link in the prompt message.
Shunto touch melon, open the github of the electrum, we find the following code in the electrum/electrum/ecc.py.
According to information posted on social media on December 27th, Electrum's wallet was hacked and nearly 250 bitcoins ($937,000) were maliciously stolen, coinelegraph reported. Electrum later confirmed that the attack included creating a fake version of the wallet and tricking users into providing password information. Reddit user u/ normal_rc that hackers set up a large number of malicious servers. Electrum responded on Twitter today that "this is a persistent phishing attack against Electrum users" and implored users to check the effectiveness of the resources they log on to.
XVG officially announced that it had started working with smart contract platform RSK a week ago and began a test network deployment, which will be directly integrated into XVG.
WAVES. The minimum transaction fee for regular accounts on the Waves network is 0.001WAVES and the minimum transaction fee for smart accounts is 0.005WAVES.
The main reason for the Trezor vulnerability is that it does not have built-in multi-signature functionality, so its multi-signature implementation is to support Electrum extension. This led to an attack on electrum, and Trezor was affected.