Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have "message defects" that allow an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing to the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. Here we remind users that when transferring money, special attention needs to be paid to whether the destination address has been replaced, which is a very popular method of currency theft recently. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.
(a) Limited Power FDI Attack (b) Unlimited Power FDI Attack.
This update prompt is not an official act of Electrum, but a phishing attack by an attacker that exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). At the time of the madness, malicious ElectrumX servers accounted for as many as 71% of the total, and according to incomplete statistics, hundreds of bitcoins have been stolen in this phishing attack over the past year or so.
In this demo, Electrum developer Chris Belcher shows how to set up and use electrum personal servers.
If someone's Electrum wallet connects to one of these servers and tries to send a BTC transaction, they see an official message telling them to update their Electrum wallet, as well as a scam URL.
By comparing the electrum-wallet with the official website downloaded by the electrum software, it was found that the software added code to steal a user's wallet and key and sent it back to sites such as Robert Paulson.me, pinnacle-consulting.pw, bestoftechforums.org, which is still alive, proving that the attack is still ongoing.
In people's traditional thinking, the game is entertainment, is time-consuming, money-consuming consumption behavior. Why does the Babao Tree game create value?
Doing so protects your privacy because other Electrum nodes won't be able to see your address and balance. It also lets you verify on the mobile side that the in-account transaction is confirmed.
There are 56,140 unconfirmed transactions on the Bitcoin network today, with a median transaction fee of 0.00029534 BTC, and 17614 unconfirmed transactions at Ethereum.com with a median transaction fee of 0.0004095 ETH.
To use mnomets to transfer addresses from electrum wallets to web wallets, you need to set Electrum to be compatible with Qtum phone mnomets in the initial installation (and then use phone wallet mnomets to restore phone wallets on Electrum). This setting is screenshot of the Electrum configuration.
The Healthy Security Lab is concerned that Nearly 250 bitcoins have been stolen in a recent hacking attack on an Electrum wallet. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that it was an ongoing phishing attack on Electrum users and advised them to download wallets from the official website.
In particular, miners can mine chunks faster in the network because LTC transactions are much faster. For example, it now takes about 10 minutes to extract a block from the Bitcoin blockchain, while Litecoin takes only 2.5 minutes.