Business 28 December 2018Dennis Wafula
Hackers steal 234 BTC from Electrum wallets
The cryptocurrency community suffered another attack from hackers after unknown person(s) managed to steal 243 Bitcoin Core (BTC) (about $750,000) from Electrum wallets.
Reportedly, the hacker or hackers managed to send messages to Electrum users urging them to download a malicious update to their wallets from unauthorized GitHub repository. The hack began on Friday, December 21 and was temporarily stopped today by GitHub administration after they took down the hacker’s GitHub repository.
Hackers added ten malicious servers to the Electrum wallet network to steal the bitcoins. Once a bitcoin transaction initiated by users reached one of these servers, it would send error messages urging the user to update their wallets by following a GitHub link. Upon completion, the updated app would request for a two-factor authentication code. The attackers then used the codes with the help of malicious software to transfer funds from user’s Electrum wallets to their bitcoin address.
Usually, users are not required to provide their two-factor authentication code to log in to their accounts. However, after proving the codes, affected users tried and failed to log in to their accounts.
Electrum posted about the attack on Twitter today stating that there is an ongoing attack against Electrum users. The tweet also requested users to check the validity of the source where they key in their details.
The tweet also stated:
“Our official website is https: //electrum.org [.] Do not download Electrum from any other source,”
Electrum wallet admin did not initially inform the public about the hack but responded by quietly updating the Electrum wallet app, which stopped the message from the hackers. However, some users went ahead and copied the message to download the updates from their browsers. An Electrum developer, SombeNight said that the team did not announce the hack to the public until now because the attack had allegedly stopped.
Although GitHub has removed the repository containing the malicious wallet version, the malicious servers remain on Electrum network. It’s believed that Electrum may soon face yet another attack using the same method or another download location. The core problem is that Electrum servers are allowed to trigger a popup that contains custom text inside user’s wallets.
Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.
Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.
Business 36 minutes ago
LocalBitcoins bans users living in Iran amidst global tensions
LocalBitcoins didn’t say why they had shutdown for Iran, but global tensions look like they put some pressure on the company and its homeland of Finland.
Business 36 minutes ago
Robinhood looking to raise at least $200 million in new funding round
Robinhood is riding its popularity to another $200 million and an evaluation nearing $8 billion.
Business 59 minutes ago
Crypto market daily report – May 27, 2019
The cryptocurrency markets demonstrated considerable bullish movement, with Bitcoin SV demonstrating a massive 26% rise to the $114 level.