11-21-2024
BSV
$72.44
Vol 158.88m
6.05%
BTC
$97775
Vol 113129.14m
4.42%
BCH
$508.93
Vol 1893.6m
15.19%
LTC
$90.61
Vol 1359.44m
5.12%
DOGE
$0.38
Vol 9843.37m
0.68%
Getting your Trinity Audio player ready...

The cryptocurrency community suffered another attack from hackers after unknown person(s) managed to steal 243 Bitcoin Core (BTC) (about $750,000) from Electrum wallets.

Reportedly, the hacker or hackers managed to send messages to Electrum users urging them to download a malicious update to their wallets from unauthorized GitHub repository. The hack began on Friday, December 21 and was temporarily stopped today by GitHub administration after they took down the hacker’s GitHub repository.

Hackers added ten malicious servers to the Electrum wallet network to steal the bitcoins. Once a bitcoin transaction initiated by users reached one of these servers, it would send error messages urging the user to update their wallets by following a GitHub link. Upon completion, the updated app would request for a two-factor authentication code. The attackers then used the codes with the help of malicious software to transfer funds from user’s Electrum wallets to their bitcoin address.

Usually, users are not required to provide their two-factor authentication code to log in to their accounts. However, after proving the codes, affected users tried and failed to log in to their accounts.

Electrum posted about the attack on Twitter today stating that there is an ongoing attack against Electrum users. The tweet also requested users to check the validity of the source where they key in their details.

The tweet also stated:

“Our official website is https: //electrum.org [.] Do not download Electrum from any other source,”

Electrum wallet admin did not initially inform the public about the hack but responded by quietly updating the Electrum wallet app, which stopped the message from the hackers. However, some users went ahead and copied the message to download the updates from their browsers. An Electrum developer, SombeNight said that the team did not announce the hack to the public until now because the attack had allegedly stopped.

Although GitHub has removed the repository containing the malicious wallet version, the malicious servers remain on Electrum network. It’s believed that Electrum may soon face yet another attack using the same method or another download location. The core problem is that Electrum servers are allowed to trigger a popup that contains custom text inside user’s wallets.

Recommended for you

Donald Trump’s role in the ‘crypto’ boom
Donald Trump pledged to make the United States the "crypto capital of the world." For the first time in nearly...
November 21, 2024
India Web3 space sees Trump influencing ‘crypto’ regulation
The Indian Web3 industry is celebrating Donald Trump's re-election, acknowledging that his pro-digital currency outlook could influence global sentiment and...
November 21, 2024
Advertisement
Advertisement
Advertisement