All About Lightning Electrum
Users of Bitcoin wallet Electrum are facing phishing attacks, according to Johnwick.io. Hackers broadcast messages to electrum clients through a malicious server, prompting the user to update to v4.0.0, and if the user is prompted to install this backdoor-carrying client, the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth approximately $11.6 million had been stolen from phishing attacks that forged Electrum upgrade alerts. Devi Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum3.3.8 via the official website (electrum.org), which has not yet been officially released v4.0.0, and do not use the link in the prompt message to avoid asset losses.
Popular wallet developer Electrum has released an emergency patch for a key vulnerability in its Bitcoin wallet. The vulnerability allows any website hosting electrum wallets to potentially steal a user's cryptocurrency. A vulnerability means that the password is exposed to the JSONRPC interface, implying that the hacker has full control over the wallet. The first patch failed to fix the problem, forcing Electrum to release a second update on Sunday night.
The main reason for the Trezor vulnerability is that it does not have built-in multi-signature functionality, so its multi-signature implementation is to support Electrum extensions. This leads to an attack on Electrum, and Trezor is affected.
Multi-signature functionality is essential in any blockchain system. To support multi-signature transactions, the DEXON network itself can act as a multi-signature signature pool (for example, Bitcoin multisig service copay), maintaining the signature status of multiple signatures.
The Electrum team has announced the attack in an official tweet, saying that "this is an ongoing phishing attack on Electrum users" and reminding users to check the authenticity of the client's source before logging in. The team published its official website, and electrum clients downloaded elsewhere may be problematic.
According to Reddit user u/normal_rc, electrum's wallet was hacked and nearly 250 bitcoins (243.6 BTCs, nearly $1 million) were maliciously stolen, according to coinelegraph. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.
Bitcoin Cash is about to welcome a network update (or hard fork) on November 15th, but disagreements among competing stakeholders have led to doubts about Bitcoin Cash, the market's fourth-largest cryptocurrencies. Bitcoin cash fork trading continued to grow rapidly on Poloniex before the fork began, though.
Bitcoin wallet Electrum was hacked and at least 1,450 BTCs were stolen.
Electrum is one of the most popular Bitcoin wallets and now supports Lightning Network payments.