We then use the key to sign the 256-bit message M. First we have to reproduce message M as a separate 256-bit (Bit, also known as Bit)
Although at the end of the 18th slow fog alerted the Electrum wallet client's message defects, forcing an "update prompt" to pop up when the user's currency transfer operation, inducing the user to update the download malware, and then carry out currency theft attacks.
Why use Electrum? Here are a dozen of the benefits of electrum wallets.
If A wants to claim its identity, it only needs to sign the message with its own private key, and B can verify the source of the message using A's public key when it receives the message.
Slow Fog: Technical analysis of pseudo-Electrum spear phishing attacks against exchange users.
Use python to complete the sign-message and verify-message APIs.
In addition, small partners who have used Electrum wallets should be aware that with Thecret phrase generated by Electrum, we can recover bitcoin keys on any browser using the Bitcoin Wallet web tool. And Electrum is so secure that there is no evidence that the distributed attack prevention system designed by Dark Wallet will be due to Electrum.
According to the Dimensionality Reduction Security Lab, users of Bitcoin wallet Electrum are currently facing phishing attacks. The hacker broadcasts a message to the Electrum client through the malicious server, prompting the user to update to v4.0.0. If the user installs this "backdoor client" as prompted, the private key will be stolen, and all digital assets
Affected users reported that after providing their two-factor authentication codes, they tried to log on to their wallets, but failed - electrum did not actually request them during the sign-in process. The hacker then emptied the wallet balance.
Bitcoin enables anyone with a private key to an address to sign a message from it. Such a message is an encrypted proof that you have the address.
B: Electrum server can customize messages to appear in the user's electrum light wallet software, giving hackers a chance to broadcast phishing messages.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a message flaw that allows an attacker to send update prompts through a malicious ElectrumX server. This update prompt is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. In this slow fog remind users, transfer, need to pay special attention to whether the destination address is replaced, which is a very popular recent way to steal money. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.
In December 2018, Slow Fog first discovered and alerted an attacker to a messaging flaw using the Electrum wallet client to force an update prompt to pop up when a user transfers money, inducing users to update and download malware to carry out a currency theft attack. Recently, slow fog technology anti-money laundering (AML) system through continuous tracking found that one of the attackers wallet address bc1qc... p2kny has stolen more than 30 BTCs for six months and has been active recently. Slow Fog alerts Electrum users to update prompts, the new version of Electrum in this update prompt is likely to be false, if installed, please promptly transfer Bitcoin out in another security environment. At the same time, slow fog called on the vast number of cryptocurrencies exchanges, wallets and other platforms of the AML wind control system black and monitor such as the above Bitcoin address. This update tip is a phishing attack by an attacker who exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). At the time of the madness, malicious ElectrumX servers accounted for as many as 71% of the total, and according to incomplete statistics, hundreds of bitcoins have been stolen in this phishing attack over the past year or so. Although in early 2019 Electrum officials have said they want to adopt some security mechanisms to prevent this kind of update fishing, such as: 1. Patch Electrum client does not display rich text, does not allow arbitrary messages, only strict messages; Patch ElectrumX server implementation detects Sybil Attack (i.e. witch attacks, malicious servers that send phishing messages) and no longer broadcasts them to clients; Implement blacklisting logic to alert malicious servers outside the Electrum client view; Promote social networking sites, websites, and all forms of communication that exist with users, who should always run the latest version and always only install from official sources (electrum.org), access through security protocols (https), and verify GPG signatures in advance. However, many users of Electrum are still in the old version (less than 3.3.4), the old version is still under threat, but slow fog does not rule out that the new version will have a similar threat.
Electrum posted a message about the incident on Twitter today, claiming that "there are currently phishing attacks against Electrum users" and imploring users to check the validity of their login information.
The electrum and Electrum-LTC versions below 3.3.3 are vulnerable to phishing attacks in which a malicious server displays a message asking the user to download the fake Electrum. To prevent user exposure, versions older than 3.3 can no longer connect to public servers and must be upgraded. Do not download software updates from sources other than electrum.org and electrum-ltc.org.
Suppose Alice wants to digitally sign the message m, and Bob needs to verify the signature.