All About Lightning Electrum
Well-known Bitcoin wallet Electrum "update phishing" currency theft continues.
Wallet developer Electrum took action to fix the vulnerability, which led to the exposure of thousands of Bitcoin wallets.
According to Bleeping Computer, the Bitcoin wallet app Electrom was on GitHub on May 9th, accusing a phishing product called Electrum Pro of stealing a user's seed key and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from Bitcoin URLs managed by Eletrum Pro.
Electrum is a popular software wallet that works by connecting to a dedicated server. These servers receive a hash of the Bitcoin address in the wallet and reply with transaction information. Electrum Wallet is fast and has few resources, but by default, it connects to these servers and can easily monitor users. In addition to Electrum, some other software uses public Electrum servers. By 2019, it is a faster and better alternative to BIP37.
Planet Daily News Electrum is a world-renowned Bitcoin light wallet with a long history of supporting multi-signatures and a very broad user base, many of which like to use Electrum as a cold wallet or multi-sign wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a "message flaw" that allows an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may get a trick. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more.
Google developers have discovered that a Bitcoin wallet Electrum vulnerability could lead to money being stolen from websites.
Cryptocurrencies Wallet Electrum has lost nearly 250 bitcoins (approximately $914,000) as a result of the new phishing attack. Electrum has confirmed the authenticity of the attack. An attacker could induce a user to provide password information by creating a fake wallet.
Recently, Microstable online monitoring of a group of foreign hackers since 2015, began to register adtool.tech, jam-software.xyz, robomirror.xyz, electrum-wallet and other phishing host management tools Bitcoin wallet website domain name, used to spread bundled backdoor tool software, once users download from these sites adtool, robomirror, electrum and other tools, will be the host cryptocurrencies-related data back to the hacker's C.C. server.
Users of cryptocurrencies wallets Electrum and MyEtherWallet are now facing phishing attacks, according to posts posted on Reddit and Twitter on February 4, coinelegraph reported. The MyEtherWallet team has issued a warning about phishing emails sent to users. Electrum also posted a warning on its website informing users that the electrum version, which predies 3.3.3, is vulnerable to phishing attacks. The company warned its users not to download software updates from other sources.