According to an updated report, Electrum Bitcoin has been under attack by 152,000 infected machines in a Distributed Denial of Service attack. This follows a phishing attack that has already cost consumers over $4.6 million in funds stolen from their accounts.
The challenge of stopping these attacks is becoming even more difficult. Recently, the number of machines that had been infected by the malware was under 100,000, but that number has gone up by nearly 60 percent in a very short time, increasing the load on Electrum Bitcoin’s servers.
According to a report on Malwarebytes’ website, the Trojan.BeanWinHTTP virus is the main culprit in the attacks. The company has also reported that, using the IP addresses it has tracked, it has been able to detect where these attack bots are located, finding that the vast majority are coming from South and Western Asia, Brazil and Peru.
To accomplish their goal of hacking into servers and individual users’ computers, the botnet has worked through two separate distribution campaigns, the RIG exploit kit and Smoke Loader.
The distributors of the malware would use false credentials and user accounts to create advertisements on common websites, especially those that offer photography. It appears that many of these companies were aware of the sordid history of these developers, and were refusing to allow them to advertise, knowing that they had been involved in these kinds of nefarious acts before. However, the use of fake IDs and company names was enough to fool these sites into allowing them to post their advertisements.
When users clicked on the ads, they would either download the malware onto their computer, where it would begin to shut down their browser, or be sent to another website where the malware would be downloaded. A warning would appear in the browser informing them that a government agency had detected that they were involved in criminal activity and that they would be required to pay a fine to have their browser unlocked. This was not true, however.
The virus has also been found to be able to lock Electrum BTC accounts and shut down servers so that users could not gain access to their wallets.
Hacking has become a rather lucrative endeavor for some of the more sophisticated criminal organizations. On April 10, a British hacker who had successfully infiltrated hundreds of millions of computers across the globe received a sentence of 77 months in prison. Zain Qaiser was part of a rather sophisticated cybercriminal organization that operated in over 20 countries, distributing malware across the globe.
By working with these criminal organizations, hackers are able to get the identities they need to open accounts without being detected.
Editor’s note: A previous version of this article stated that over 150,000 Electrum Bitcoin wallets were infected by malware, which was incorrect. The article and headline have been updated to reflect that over 150,000 machines were used to attack Electrum Bitcoin.