All About Lightning Electrum
According to The Next Web, the attackers even implemented their own Electrum servers, which hosted the attacked Electrum.
Busy for a year of coin friends, it is time to rest, the uninstall APP as soon as possible uninstall, the New Year hastened to buy tickets to go, and so on after this year, and then come to meet the spring belongs to us.
The Electrum team has announced the attack in an official tweet, saying that "this is an ongoing phishing attack on Electrum users" and reminding them to check the authenticity of the client's source before logging in. The team published its official website, and the Electrum clients downloaded elsewhere may be problematic.
By default, electrum wallets are randomly connected to a set of Electrum servers. From a privacy perspective, this is not a good thing because it discloses your wallet address and balance to unknown third parties. And unfortunately, many public Electrum servers are run by individuals or groups of blockchain analytics companies or worse. Therefore, if you are using an Electrum wallet, it is generally recommended that you run your own Electrum server and then connect the wallet to that server.
Bitcoin wallet Electrum official Twitter announced that the next version of Electrum will support Lightning online payments. Its lightning node implementation has been consolidated into the main branch of Electrum. Electrum also confirmed that the wallet will adopt a new implementation of in-house development written using Python.
The attacker set up a large number of malicious servers. Once a user's Electrum wallet is connected to these servers, they see what appears to be an official message when they send a Bitcoin transaction, telling them to upgrade the Electrum wallet, which actually contains a fraudulent URL.
According to Bleeping Computer, the Bitcoin wallet app Electrom was on GitHub on May 9th, accusing a phishing product called Electrum Pro of stealing a user's seed key and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from Bitcoin URLs managed by Eletrum Pro.
In reality, there have been many examples of this, including Wannacry malware and Electrum Stealware.
Shunto touch melon, open the github of the electrum, we find the following code in the electrum/electrum/ecc.py.
Bitcoin wallet Electrum released 4.0 beta, new support for Lightning Network and other updates