Electrum hackers pre-empted a large number of "normal" electrum servers on the P2P network.
John Westbrook: Fast and supercomputer that allows you to connect CPU threads from multiple servers on the network to run the process multiple times.
To synchronize information on the Bitcoin blockchain, Phoenix Wallet connects to a random Electrum server. However, to provide greater confidence, it allows you to modify this connection, making it easier for you to connect to a trusted server or your own server.
The UB team has now developed Core, Core-QT, Electrum Wallet (where Electrum is a lightweight wallet that supports multiple signatures) and released a complete blockchain browser. More than 18 trading platforms around the world support UBTC trading.
Electrum is another popular Bitcoin wallet that has been around for nearly a decade. Electrum Bitcoin Wallet has been available for all devices since 2011 and was one of the most widely used wallet applications before other alternatives emerged. There are still a lot of people who are still swearing at the Electrum wallet.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-sign wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have "message defects" that allow an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing to the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. Here we remind users that when transferring money, special attention needs to be paid to whether the destination address has been replaced, which is a very popular method of currency theft recently. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.
(Malware, Attack) Electrum DDoS botnet reaches 152,000 infected hosts.
Electrum tweeted today about the incident, saying it was "a persistent phishing attack on Electrum users" and imploring users to check the effectiveness of the resources they log on to.
The main reason for the Trezor vulnerability is that it does not have built-in multi-signature functionality, so its multi-signature implementation is to support Electrum extensions. This leads to an attack on Electrum, and Trezor is affected.
electrum servers to connect
A botnet with more than 140,000 machines has launched a DoS attack on the server of Bitcoin wallet Electrum in an attempt to direct users to software versions designed to steal bitcoins, Theextweb reported. Electrum users have been advised to take extra care when using the platform until the issue is resolved. Security researchers familiar with the matter say that if a user installs a fake version of Electrum, all funds contained in the old version will be lost immediately.
The text also explains that the implementation "relies on the Electrum server to query the channel state." In this regard, he added, "users must use servers they trust" because the server throws error messages about the state of the channel.
This isn't the first time Thatectrum has appeared in a fake version, with hackers developing a fake encrypted wallet, Electrum, in December, resulting in the theft of nearly 250 bitcoins worth about $1 million. In January, GitHub discovered a fake Electrum wallet called "Electrvm" designed to steal users' money. In February, users of encrypted wallets Electrum and MyEtherWallet reported that they were facing phishing attacks. (Stationer's House)
However, after electrum officials said in early 19th that some security mechanisms should be put in place to prevent this "update phishing", many users of Electrum are still in the old version.
Electrum wallet.
Lightning support in Electrum has been around for a long time. Thomas Voegtlin, the founder of Electrum, first told CoinDesk last summer that Lightning would take it to the next version.
The server of electrum, a well-known Bitcoin wallet, has been severely compromised and users are advised not to use the trading platform until they are fully repaired. It is known that a complex botnet pair with 140,000 machines.
Belcher, one of Bittel's most important privacy experts, recently released a detailed overview of how ToinSwap technology is done correctly. The developer, who wrote the Bitcoin Privacy Guide and led the development of CoinMarket and Electrum Personal Server, addressed a range of potential privacy leaks and envisioned a CoinMarket-style mixed currency liquidity market.
This technology has been in the industry for a long time. Connecting hardware to an all-node is also one of the key goals of the Electrum Personal Server project pioneered by developer Chris Belcher. He said in a project announcement last year.
Wallet Qtum Electrum
According to Reddit user u/normal_rc, electrum's wallet was hacked and nearly 250 bitcoins (243.6 BTCs, nearly $1 million) were maliciously stolen, according to coinelegraph. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.
The Healthy Security Lab is concerned that Nearly 250 bitcoins have been stolen in a recent hacking attack on an Electrum wallet. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that it was an ongoing phishing attack on Electrum users and advised them to download wallets from the official website.
Wallets that are widely used include Bitcoin Electrum, Ether Wallet, imtoken and Jaxx. The Privat Key for this type of wallet is in the user's own hands, more secure and easy to use. The limitation is that after the transaction signature is completed, the transaction is broadcast out or depends on the central node server, when the volume of business is large, the server performance overload, may cause the transaction can not be successfully sent.
Electrum LTC wallet.
server to communicate. At this point, a limited number of electrum server nodes are mixed with the hacker's malicous nodes.
You can see that the user can manually specify to connect to their own electrumserver. But most users don't understand the principle and don't build their own electrum server.
The fact that not many people know is that Esplora is bundled with a based and optimized Electrum server. This Electrum server is derived from Electrs and is now maintained separately by the Blockstream engineering team. Over the past two years, Esplora has become one of the fastest and most scalable Electrum server solutions available for Bitcoin due to continuous updates and performance optimization. Esplora is also the only Electrum server that supports liquid networks.
You can see that the user can manually specify to connect to their own electrumserver. But most users don't understand the principle and don't build their own electrum server.
The Electrum team has announced the attack in an official tweet, saying that "this is an ongoing phishing attack on Electrum users" and reminding users to check the authenticity of the client's source before logging in. The team published its official website, and electrum clients downloaded elsewhere may be problematic.
In a blog post, Malwarebytes, an antimalware software company, said the number of infected Electrum Bitcoin wallets had reached 152,000 after the server was attacked by DoS, and the total amount of stolen funds had risen to $4.6 million, Cointegraph reported. The company identified a loader called Trojan.BeamWinHTTP, which also involved downloading previously detected Electrum DoSMiner. The largest number of robots are concentrated in Asia Pacific, Brazil and Peru, and botnets are growing to attack Electrum infrastructure.