All About Lightning Electrum
According to slow fog zone news, Electrum fake upgrade tips of the phishing attack has stolen at least 200 BTC, this attack by upgrading Electrum alone can not be avoided, the need for the entire ecological service to make corresponding changes (because Electrum this client is not a full node, and then on the transaction broadcast and the corresponding service side of the message communication, attackers can also deploy malicious server). Slow fog zones remind users that phishing attacks like Electrum require long-term vigilance. The slow fog zone has previously issued an alert for selectrum phishing updates, and hackers who attacked Electrum wallets used Electrum's software to unusually construct malicious software update prompts to induce users to update and download malware usage.
In this demo, SatoshiLabs' CTO Pavol Rusnak shows how to send Bitcoin transactions via Electrum wallet and SMS to.
DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.
If the network is split in half, I send 10 coins to A in half of the network, and I send 10 coins to B in the other half of the network, then either the system is not available because one transaction or both will not be processed, or the system will become inconsistent because half of the network will complete the first transaction and the other half will complete the second transaction.
The report also shows that Ledger is the most targeted brand, but for no clear reason. Ledger has 57% error extensions, MEW-22%, Safe-8%, Electrum-4%, KeepKey-4% andJaxx-2%
Electrum wallets have been hacked in recent days and nearly 250 bitcoins have been stolen, according to blockchain security team Devi Security Labs. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is an ongoing phishing attack on Electrum users and advised users to download wallet apps from the official website." Mars Finance reminds users not to install electrum wallets from unknown sources.
The exchange initially wanted to send a We Game Tokens (WGT) airdrop, but a computer error caused users to get not only BTC but other cryptocurrencies.
No scripts: Electrum prevents any scripts from downloading. As a result, infected servers cannot send you arbitrary code and steal funds.
Previous phishing attacks were carried out through malicious servers, and when asked to broadcast transactions through legitimate Electrum wallets, an error message was returned instructing the user to download a false "security update" from an unauthorized Github repository. The unidentified hacker reportedly managed to steal more than 200 BTCs.
An attacker, for example, could send users of these lightweight nodes their own fabricated bitcoins, unable to tell whether the transaction is valid because they do not know all the transactions in the Bitcoin blockchain. In this case, users will only find themselves cheated by a fake transaction when they use the bitcoin and don't spend it, and you may question how the attacker's transaction could be invalid because some miners are colluding with the attacker.
Because it is a point-to-point transaction, remove the third-party centralization of supervision, as long as you do not operate in error, the transaction can completely eliminate fraud.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have "message defects" that allow an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing to the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more.
Electron Cash is only a version of Electrum, so if you're used to Electrum, you won't have any problems.
Minimize transaction error rates because each operation is controlled by strict code on the carrier node.
Shunto touch melon, open the github of the electrum, we find the following code in the electrum/electrum/ecc.py.