One victim wrote in another Reddit post: "When I logged on to the site, I was immediately asked for a 2 Factor code that I thought was a bit strange, and Electrum usually only asks when you're trying to send an email." And added.
Electrum uses less storage space and less bandwidth, but it also relies on other servers to process payment information, making it vulnerable to hackers.
This isn't the first time electrum has appeared in a fake version. In December, nearly $1 million of BTC was stolen when hackers developed a fake encrypted wallet, Electrum. 1 this year.
Electrum personal server.
Click to get the Electrum Personal Server source code and the Electrum Wallet source code.
Many wallets do not currently support custom fees, which can cost users a lot of fees. I strongly recommend waiting a while when there are more transactions in the memory pool, and then transfer your currency to an address where you can customize the fee. You can Google which wallets support custom fees, currently electrum and Bitcoin.
At this point, I think it's time to stop the metaphor. I ask: What has all this effort achieved? Who can get an improvement from these purely selfless displays?
Electrum is a popular software wallet that works by connecting to a dedicated server. These servers receive a hash of the Bitcoin address in the wallet and reply with transaction information. Electrum Wallet is fast and has few resources, but by default, it connects to these servers and can easily monitor users. In addition to Electrum, some other software uses public Electrum servers. By 2019, it is a faster and better alternative to BIP37.
Qtum Electrum synchronously updates electrum-related code.
Dash Electrum 126.96.36.199 was released, renamed Dash-Electrum, adding the option to use Tor Proxy at startup, according to Dash Coin. DASH is now trading at $159, down 3.26 percent.
Reddit user u/normal_rc: 'The attacker set up a lot of malicious servers. Once a user's Electrum wallet is connected to these servers, they see what appears to be an official message when sending bitcoin transactions, telling them to upgrade the Electrum wallet, which actually contains a fraudulent URL.
I can give an example
You can use Security Seeds to recover your wallet on any Electrum client, even on the Electrum Wallet online web program.
If someone's Electrum wallet connects to one of these servers and tries to send a BTC transaction, they see an official message telling them to update their Electrum wallet, as well as a scam URL.
According to slow fog zone news, Electrum fake upgrade tips of the phishing attack has stolen at least 200 BTC, this attack by upgrading Electrum alone can not be avoided, the need for the entire ecological service to make corresponding changes (because Electrum this client is not a full node, and then on the transaction broadcast and the corresponding service side of the message communication, attackers can also deploy malicious server). Slow fog zones remind users that phishing attacks like Electrum require long-term vigilance. The slow fog zone has previously issued an alert for selectrum phishing updates, and hackers who attacked Electrum wallets used Electrum's software to unusually construct malicious software update prompts to induce users to update and download malware usage.
This update prompt is not an official act of Electrum, but a phishing attack by an attacker that exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). At the time of the madness, malicious ElectrumX servers accounted for as many as 71% of the total, and according to incomplete statistics, hundreds of bitcoins have been stolen in this phishing attack over the past year or so.
Although we recommend that individual users set up their own Electrum server, you can also use the official Blockstream Electrum server if you prefer, and the table below contains details of the connection. The server operates on the same principle as Blockstream Explorer: no logs, no traceability, and Tor support.
Multi-signal: Electrum accepts multi-signature trades. Multiple wallets are required to sign the transaction before it can be approved.
Electrum- an anonymous e-wallet provider that provides users with real-time payment for goods and services while providing loyalty and counterfeit product identification services to customers.
Digital Wallet Electrum was hacked, losing 250 bitcoins.
Turn on Electrum.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have "message defects" that allow an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing to the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more.
In December 2018, Slow Fog first discovered and alerted an attacker to a messaging flaw using the Electrum wallet client, forcing an "update prompt" to pop up when a user transfers money, inducing the user to update and download the malware, which in turn commits a currency theft attack. Although electrum officials said in early 2019 that some security mechanisms would be in place to prevent this "update phishing", many users of Electrum are still in the old version (less than 3.3.4) and the old version is still under threat. However, we do not rule out a similar threat to the new version.
However, after electrum officials said in early 19th that some security mechanisms should be put in place to prevent this "update phishing", many users of Electrum are still in the old version.
Until now, the ElectrumX original was the only server available for the P2P exploration protocol, resulting in almost all Electrum wallets relying on servers running on the original ElectrumX. This week, we introduced P2P exploration as an optional feature of Esplora. In this case, Esplora is the only other option for electrum servers designed for public wallets.
One victim wrote in another Reddit post: "When I logged on to the site, I was immediately asked for a 2 factor code that I thought was a bit strange, and Electrum usually only asks when you're trying to send an email." He added: "I kept trying to send it, but I kept receiving an error code saying'up to 50 sat/B', and then I recovered my wallet on another computer and found that the balance had been transferred out." "
Can I deposit cryptocurrencies using Fiat payment methods?
Electrum wallets have been hacked in recent days and nearly 250 bitcoins have been stolen, according to blockchain security team Devi Security Labs. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is an ongoing phishing attack on Electrum users and advised users to download wallet apps from the official website." Mars Finance reminds users not to install electrum wallets from unknown sources.
But I believe that these thousands of people will set off a big ecology, blowing up an eos big ecological cyclone, can not stop.