Tech 11 May 2018Dan Taylor
Electrum calls out copycat site Electrum Pro for ‘bitcoin-stealing malware’
The well-regarded BTC wallet service Electrum has revealed that hackers have cloned their service, setting up a copycat site designed to scam unsuspecting users out of their cryptocurrency.
Electrum, which operates its official website on the domain electrum.org, noticed a rival service known as ‘Electrum Pro’, with its website at electrum.com. Furthermore, Electrum Pro is advertising on Google AdWords, in an apparent attempt to divert traffic from the legitimate wallet service.
Long considered one of the most user-friendly and secure wallets, with compatibility for hardware including Trezor and Ledger, the team behind the service now claim scammers are effectively running malware designed to steal BTC from the domain.
Their concern is that any wallets created on the electrum.com domain are now compromised, further undermining confidence in BTC and potentially cryptocurrencies as a whole.
Having identified the suspected malware, the Electrum team outlined their findings on Github, reflecting the relevant code for stealing recovery seeds, and passing the required information to the scammers. This enables the hackers to take control of user wallets, and any of the funds contained within them, according to the Electrum team.
The incident is not the first time hackers have attempted to copy Electrum and pass off as the legitimate platform, but comes as the first instance of a hacker being able to use the .com domain.
The .com website is also difficult to detect as a scam, with only subtle differences from the legitimate Electrum site, and the claim that Electrum Pro is a fork from the original. The Linux version of the wallet remains uncompromised, with only Windows and OS X versions containing the malicious code.
Electrum has advised anyone who has recently installed their platform to double check they’ve installed the correct, legitimate version, available only from Electrum.org. There are also plans to create an official app, available for download from the Mac App Store, as a means of circumventing similar attacks in future.
Nevertheless, the development is only the latest of many hacking attempts revolving around BTC.
Earlier this week, a research report documented findings from a year-long study that showed anywhere from between 3-10x the malicious activity on the BTC blockchain as the public Internet, with BTC dubbed ‘3x more evil than the Internet’.
Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.
Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.
Tech 19 May 2019
Future block reward halvings spell doom for Bitcoin Core but bright future for Bitcoin SV
nChain’s chief scientist Dr. Craig Wright has performed some calculations about future economics for Bitcoin Core (BTC).
Tech 17 May 2019
Democrat Andrew Yang believes blockchain ‘big part’ of US future
A candidate for Democratic presidential nomination has spoken out in favor of blockchain, saying the technology will be a “big part of our future.”
Tech 17 May 2019
How do solution providers deal with hacks? Just pay crypto ransom and move on
A damning new study has revealed the trick up the sleeve of some so-called ransomware solution providers—just pay the hackers their ransom in crypto.