Electrum Bitcoin Wallet scamware has led to a loss of $750,000 over 200 bitcoin users. Hackers broke into the Electrum bitcoin wallet, which does not need a full blockchain download, through its remote servers. The wallet has a fork for nearly all versions: Bitcoin Cash, Dogecoin, Litecoin as well as Dash.
Hackers got away with adding a malicious server to the Electrum wallet network. When users made a bitcoin transaction and reached one of the illegitimate servers, they received a message instructing them to download and install an update to the wallet application. This led the users to the hackers' own GitHub, where users eventually revealed their two-factor authentication code.
Hackers then used the code to steal bitcoin and transfer it to their own bitcoin address.
The developers of Electrum Bitcoin Wallet stated:
“We did not publicly disclose this until now, as around the time of the 3.3.2 release, the attacker stopped; however they now started the attack again.”
Electrum has modified its software in response to the malicious version, noting: “This is not a true fix, but the more proper fix of using error codes would entail upgrading the whole federated server ecosystem out there…”
GitHub's administrators have now removed the repository containing the malicious wallet version.
Download from GitHub: Warning
Further, Electrum has warned users to download software only from electrum.org.
@ElectrumWallet: “There is an ongoing phishing attack against Electrum users. Our official website is https://electrum.org do not download Electrum from any other source. More on the attack here: https://github.com/spesmilo/electrum/issues/4968 …”
An additional clue that the scamware is active is when it asks for a two-factor authentication code even though the user is not looking to transact. Users should be wary of such queries and investigate before replying with the vital information the hackers are seeking, namely the authentication code.
However, Electrum’s bitcoin wallet is not the only wallet to be infected by malware. Plenty of others have been similarly attacked. Hence, the larger user community will have to be aware of such issues and practice vigilance. Malware attacks for stealing cryptocurrencies have increased over time, and therefore the risks are very high for non-cryptocurrency users as well. According to a report from industry expert McAfee, the anti-virus vendor, incidences of malware at various stages of crypto mining increased by over 4,000% in 2018.