electrum not verifited, electrum

2021-11-25

Today, electrum Wallet's official Twitter feed repeatedly alerted users to hacking attacks.

According to Reddit user u/normal_rc, electrum's wallet was hacked and nearly 250 bitcoins (243.6 BTCs, nearly $1 million) were maliciously stolen, according to coinelegraph. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.

Popular wallet developer Electrum has released an emergency patch for a key vulnerability in its Bitcoin wallet. The vulnerability allows any website hosting electrum wallets to potentially steal a user's cryptocurrency. A vulnerability means that the password is exposed to the JSONRPC interface, implying that the hacker has full control over the wallet. The first patch failed to fix the problem, forcing Electrum to release a second update on Sunday night.

Electrum-LTC is Electrum's community maintenance port, Litecoin's Bitcoin wallet. It is not the official product of Electrum Technologies GmbH, and it is not supported.

UBTC Electrum fixes local BUGs for multi-signature address call contracts.

Another upgrade under study is the release of a new version of the Electrum-LTC desktop wallet. Electrum-LTC is an SPV wallet that can be used in Windows, Linux, and OS X operating systems.

DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.

According to Bleeping Computer, the BTC wallet app Electrom accused a phishing product called Electrum Pro of stealing a user's seed key on May 9 on GitHub and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from BTC URLs managed by Eletrum Pro.

The latest version of UBTC Electrum Light Wallet v3.2.8 is available.

In a forum post on Bitcointalk, website administrator Theymos explained: "If at any time in the past you've logged in to Electrum without a wallet password and opened a web page, your wallet might have been stolen." Particularly paranoid people may want to send all bitcoins (BTCs) from their old Electrum wallets to the newly generated Electrum wallet. "

Basic integration with the electrum server (experimental feature, turned off by default)

Electrum Wallet Encrypted Wallet.

Electrum Wallet Encrypted Wallet.

Trojan.BeamWinHTTP loader, which also involves downloading previously detected Electrum DoSMiner.

The Healthy Security Lab is concerned that Nearly 250 bitcoins have been stolen in a recent hacking attack on an Electrum wallet. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that it was an ongoing phishing attack on Electrum users and advised them to download wallets from the official website.

Up to 152,000 devices have been used to launch DDoS attacks against Electrum.

Dash releases Dash Electrum 3.3.8.4 version

electrum not verifited

electrum not verifited

Fake: github/electrum-wallet/electrum/releases.

Note: Electrum-XZC is derived from Electrum and uses different seed phrase criteria, so it cannot be imported.

and Android system. Installing Electrum requires you to write down a 12-word seed to help you recover your wallet on multiple devices. If you forget your private key, this seed can also make Electrum look more human. In addition, Electrum has a "cold storage" mode where you don't have to pay Bitcoin to view your balance.

Electrum Litecoin wallet.

Electrum Litecoin wallet.

The cryptocurrencies wallet Electrum has lost nearly 250 bitcoins ($914,000) as a result of the new phishing attack. Electrum has confirmed the authenticity of the attack. An attacker could induce a user to provide password information by creating a fake wallet.

Hackers launched a denial-of-service (DoS) attack on a well-known wallet Electrum server, according to Johnwick.io. Hackers used botnets of more than 140,000 computers to attack Electrum nodes and simultaneously deployed malicious nodes. When a user connects to these malicious nodes and sends a transaction using an older version of Electrum, the user is prompted to update the Backdoor Client. If the user installs the client as prompted, the private key is stolen and all digital assets are lost. Millions of dollars of digital currency have been stolen, according to Electrum officials. De-dimensional Security Labs recommends that users of electrum wallets be updated to the latest version of the client through the official website and never use the link in the prompt message.

This "update prompt" is not an official act of Electrum, but a phishing attack by an attacker that exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). At the time of the madness, malicious ElectrumX servers accounted for as much as 71% of the total, and the show did not fully count that hundreds of bitcoins had been stolen in this phishing attack over the past year or so.

Like Bitcoin's core wallet, Electrum Wallet allows users to control their own funds and private keys. Electrum wallets' private keys can also be exported and used on other supported wallets to access funds. Electrum apps are available for Windows, Linux, OSX and Android, but do not support iOS and browser clients.