Tech 11 May 2018

Dan Taylor

Electrum calls out copycat site Electrum Pro for ‘bitcoin-stealing malware’

The well-regarded BTC wallet service Electrum has revealed that hackers have cloned their service, setting up a copycat site designed to scam unsuspecting users out of their cryptocurrency.

Electrum, which operates its official website on the domain electrum.org, noticed a rival service known as ‘Electrum Pro’, with its website at electrum.com. Furthermore, Electrum Pro is advertising on Google AdWords, in an apparent attempt to divert traffic from the legitimate wallet service.

Long considered one of the most user-friendly and secure wallets, with compatibility for hardware including Trezor and Ledger, the team behind the service now claim scammers are effectively running malware designed to steal BTC from the domain.

Their concern is that any wallets created on the electrum.com domain are now compromised, further undermining confidence in BTC and potentially cryptocurrencies as a whole.

Having identified the suspected malware, the Electrum team outlined their findings on Github, reflecting the relevant code for stealing recovery seeds, and passing the required information to the scammers. This enables the hackers to take control of user wallets, and any of the funds contained within them, according to the Electrum team.

The incident is not the first time hackers have attempted to copy Electrum and pass off as the legitimate platform, but comes as the first instance of a hacker being able to use the .com domain.

The .com website is also difficult to detect as a scam, with only subtle differences from the legitimate Electrum site, and the claim that Electrum Pro is a fork from the original. The Linux version of the wallet remains uncompromised, with only Windows and OS X versions containing the malicious code.

Electrum has advised anyone who has recently installed their platform to double check they’ve installed the correct, legitimate version, available only from Electrum.org. There are also plans to create an official app, available for download from the Mac App Store, as a means of circumventing similar attacks in future.

Nevertheless, the development is only the latest of many hacking attempts revolving around BTC.

Earlier this week, a research report documented findings from a year-long study that showed anywhere from between 3-10x the malicious activity on the BTC blockchain as the public Internet, with BTC dubbed ‘3x more evil than the Internet’.

Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.

Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.

COMMENT

latest news

Japan’s SBI Group sets up crypto mining chip operation

Tech 6 hours ago

Japan’s SBI Group sets up crypto mining chip operation

SBI has revealed that a new operation will be headed by ex-NASA and serial entrepreneur, Adam Traidman.

Read More
Dr. Craig Wright on fair trade with Bitcoin SV

Tech 8 hours ago

Dr. Craig Wright on fair trade with Bitcoin SV

In his latest Medium post, Dr. Craig Wright describes the technical details of how the Bitcoin protocol can be used to create fair smart contracts.

Read More
Odyssey blockchain hackathon seeks prototypes to address ‘societal challenges’

Tech 12 hours ago

Odyssey blockchain hackathon seeks prototypes to address ‘societal challenges’

The Netherlands is continuing its Odyssey tradition for the third year, where all sorts of talented individuals will gather to tackle societal challenges by offering solutions through emerging technologies.

Read More