Electrum hackers pre-empted a large number of "normal" electrum servers on the P2P network.
By default, electrum wallets are randomly connected to a set of Electrum servers. From a privacy perspective, this is not a good thing because it discloses your wallet address and balance to unknown third parties. And unfortunately, many public Electrum servers are run by individuals or groups of blockchain analytics companies or worse. Therefore, if you are using an Electrum wallet, it is generally recommended that you run your own Electrum server and then connect the wallet to that server.
Public Electrum server
This isn't the first time Thatectrum has appeared in a fake version, with hackers developing a fake encrypted wallet, Electrum, in December, resulting in the theft of nearly 250 bitcoins worth about $1 million. In January, GitHub discovered a fake Electrum wallet called "Electrvm" designed to steal users' money. In February, users of encrypted wallets Electrum and MyEtherWallet reported that they were facing phishing attacks.
Electrum was launched in 2011 with a lite version of Bitcoin wallet with an open source code under MIT licenses.
Electrum's ElectrumX performs better than a personal Electrum server and includes a P2P exploration protocol that enables the wallet app of the average user to automatically find and connect to the server. These features make it a great solution for setting up public Electrum servers.
DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.
electrum with vpn
Electrum is a popular software wallet that works by connecting to a dedicated server. These servers receive a hash of the Bitcoin address in the wallet and reply with transaction information. Electrum Wallet is fast and has few resources, but by default, it connects to these servers and can easily monitor users. In addition to Electrum, some other software uses public Electrum servers. By 2019, it is a faster and better alternative to BIP37.
The Healthy Security Lab is concerned that Nearly 250 bitcoins have been stolen in a recent hacking attack on an Electrum wallet. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that it was an ongoing phishing attack on Electrum users and advised them to download wallets from the official website.
You can use Security Seeds to recover your wallet on any Electrum client, even on the Electrum Wallet online web program.
Reminder: Digital wallet developer Electrum has released an emergency patch saying it found vulnerabilities to steal users' digital currency.
Bitcoin Wallet providers like Trezor and Electrum.
If you haven't set up Electrum Wallet to be compatible with your phone wallet, you can use the private key to recover the Electrum wallet on your web wallet. Select Wallet - "Private Key" - "Export" on the Electrum wallet and you will export the file qtum-electrum-private-keys.csv or copy only one private key. Select Recover from WIF on your web wallet, paste the private key, and select Confirm. Check that the wallet address is correct. You may need to use Dump as a Key File to save the key file.
Star Daily News Bitcoin Wallet Electrum official Twitter announced that the next version of Electrum will support Lightning online payments. Its lightning node implementation has been consolidated into the main branch of Electrum. Electrum also confirmed that the wallet will adopt a new implementation of in-house development written using Python. (Cointelegraph)
According to Bleeping Computer, the BTC wallet app Electrom accused a phishing product called Electrum Pro of stealing a user's seed key on May 9 on GitHub and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from BTC URLs managed by Eletrum Pro.
According to Bleeping Computer, the Bitcoin wallet app Electrom was on GitHub on May 9th, accusing a phishing product called Electrum Pro of stealing a user's seed key and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from Bitcoin URLs managed by Eletrum Pro.
From August to September, the Bitcoin wallet Electrum was phished twice by hackers. According to statistics from various parties, the phishing attacks forged Electrum upgrade notifications have stolen at least 1,450 BTC worth $11.6 million.
When an Electrum wallet queries a third-party Electrum server, the server can link two transactions together and know which address is a zero address.
Attackers reportedly created their own Electrum servers, which hosted the attacked version of Electrum in order to implement the attack. When the user will be vulnerable.
At the time of writing, at least 1,450 BTCs (stolen by one user, antimalware firm Malwarebytes and Electrum) had been stolen in phishing attacks that faked Electrum upgrade tips, with a total value of approximately $11.6 million.
Wallet, Coldlar, Electrum, Huobi.
It's not hard to run your own Electrum server and point your wallet to just use it. This restores Electrum to the point where it has the same privacy and security attributes as the full node, where no one else can see the address or transaction that the wallet is interested in. Electrum then becomes an all-node wallet.