Bitcoin

User lost 1,400 BTC due to old Electrum wallet vulnerability

An Electrum user lost 1,400 BTC after downloading an old wallet version running on malicious servers. This vulnerability has been fixed in versions 3.3.4 and higher.

According to Twitter user Verretor, an industry contributor reported on GitHub that 1400 BTC was stolen from him after installing an old version of the Electrum wallet. According to the publication, the affected user claims:

“I had 1,400 BTC, which I have not touched since 2017. I foolishly installed an older version of Electrum. I tried to transfer 1 BTC but was unable to do so. A notification has appeared in the wallet, requiring an update of the program and security settings for the transfer. I installed the update and immediately after that all the coins went to the address of the scammers. “

The fraudster made the  transaction on August 29, paying a fee of just under 0.0032 BTC ($ 37). Binance CEO Changpeng Zhao said the exchange had already blacklisted the address.

In the past year, the Electrum wallet has been hit by several attacks . The last attack in April 2109 involved a network of infected devices with 140,000 units. Hackers tried to disable the Electrum servers and at the same time send users hacked versions of the wallet, the installation of which leads to the loss of funds.

At one point, attackers controlled nearly 71% of all nodes, and users received fake error messages requiring them to download a malware-infected wallet disguised as a security update. Apparently, it was because of this vulnerability that the user lost 1,400 BTC.

According to Malwarebytes Labs, during last year’s attacks, hackers managed to steal private keys and upload them to a remote server:

“In addition to stealing wallet data, any balance in the wallet is sent to one of several addresses that are under the control of attackers. The chosen destination address depends on the address format used by the Electrum wallet for infected users. “

During the attacks, Electrum developer Thomas Voegtlin urged users to update their software, but it seems that not everyone paid attention to his words. All versions of the wallet prior to 3.3.4 are vulnerable to such phishing attacks.

“Electrum wallet users should update their software to the latest version from the official repository and be especially careful about update messages or other warnings that might be disguised phishing attempts,” Wogtlin said last year.

About author

Experienced Founder with a demonstrated history of working in the newspapers industry. Skilled in Data Research, Management, Investment Research, Teamwork, and Leadership. Influencing the technology, people, and technical analysis of the Cryptocurrency and Blockchain world.
Related posts
Bitcoin

After Previous Negative Statements, Norwegian Billionaire Invests In Bitcoin

BitcoinCryptocurrencyEthereum

Bitcoin Recovers $56,000: ETH Recovers $1,700 (Observed Over The Weekend)

Bitcoin

Bitcoin Sets Fresh Record Above $50,000

BitcoinMining

BTC miners earned more than $ 4 million per hour amid growing fees and BTC rate

Sign up for our newsletter and stay informed

0 0 votes
Page Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
USD
0
Would love your thoughts, please comment.x
()
x