Popular wallet developer Electrum has released an emergency patch for a key vulnerability in its Bitcoin wallet. The vulnerability allows any website hosting electrum wallets to potentially steal a user's cryptocurrency. A vulnerability means that the password is exposed to the JSONRPC interface, implying that the hacker has full control over the wallet. The first patch failed to fix the problem, forcing Electrum to release a second update on Sunday night.
In August-September, Bitcoin wallet Electrum was hacked twice, and according to multiple sources, at least 1,450 BTCs worth $11.6 million were stolen from phishing attacks that faked Electrum upgrade tips.
Electrum 0.18.8 is available for details at github.
The main reason for the Trezor vulnerability is that it does not have built-in multi-signature functionality, so its multi-signature implementation is to support Electrum extensions. This leads to an attack on Electrum, and Trezor is affected.
When you download Electrum for any non-Bitcoin cryptocurrencies, you are downloading software that is not approved by us, and you may download malware against your Bitcoin wallet. Don't count on the integrity of those who promote sh tcoins.
Legally identifiable hard fork decision: All validators must sign a legal agreement with the network. Hard fork decisions are legally binding.
Electrum's ElectrumX performs better than a personal Electrum server and includes a P2P exploration protocol that enables the wallet app of the average user to automatically find and connect to the server. These features make it a great solution for setting up public Electrum servers.
Electrum is a popular software wallet that works by connecting to a dedicated server. These servers receive a hash of the Bitcoin address in the wallet and reply with transaction information. Electrum wallets are fast and have few resources, but by default, it connects to these servers and can easily monitor users. In addition to Electrum, some other software uses public Electrum servers. By 2019, it is a faster and better alternative to BIP37.
Shunto touch melon, open the github of the electrum, we find the following code in the electrum/electrum/ecc.py.
Vulnerabilities were found in Electrum and Electrum-LTC. It has been fixed in Electrum-LTC 220.127.116.11. If you are running an earlier version, update your software.