Electrum Wallet Attack May Have Stolen As Much as 245 Bitcoin

Hack
28 December 2018

A phishing attack on the Electrum wallet network has possibly managed to steal around 245 bitcoins, worth over $880,000 at today’s prices.

Warning of the attack on Thursday, the firm tweeted: “There is an ongoing phishing attack against Electrum users. Our official website is https://electrum.org Do not download Electrum from any other source.”

The bad actor set up the attack by creating multiple fake servers on the Electrum wallet network. As a result, when wallet users that connected to those servers attempted to broadcast a bitcoin transaction, they received an error message providing a malicious link to malware disguised as an updated wallet, the firm explained on its Github page.

Electrum said that “To make the attack more effective, the attacker is creating lots of servers (sybils), hence increasing the chance a client would connect to him.”

Fake alert created by the attacker (via Electrum GitHub page)

A Reddit user posted a bitcoin address Thursday that they said the attacker is using to consolidate the stolen cryptocurrency from several addresses used in the attacks. If true, 245 BTC have been taken in this attack, an amount worth $884,000 at press time.

Electrum has moved to mitigate the problem and has released a new version of its wallet 3.3.2, it said on the Github page, adding that “This is not a true fix, but the more proper fix of using error codes would entail upgrading the whole federated server ecosystem out there.”

The firm explained:

“We did not publicly disclose this until now, as around the time of the 3.3.2 release, the attacker stopped; however they now started the attack again.”

Instances of cryptocurrency hacks are fast on the rise as criminals seek an easy path to rich rewards.

According to a recent report from blockchain security firm CipherTrace, nearly $1 billion in cryptos have been stolen so far this year. Another report from McAfee showed that there were nearly four million new mining malware threats in the third quarter of 2018 alone, compared to less than 500,000 in 2017 and 2016.

Hacker image via Shutterstock