1. electrum public address, Watch-only public-address "payto" transaction cannot be signed with "signtransaction"

    2020-11-14

    Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have "message defects" that allow an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing to the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. Here we remind users that when transferring money, special attention needs to be paid to whether the destination address has been replaced, which is a very popular method of currency theft recently. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.

  2. electrum 2.4 servers, r/vergecurrency - Getting TX Rejected when sending from Electrum wallet.

    2021-04-05

    In December 2018, Slow Fog first discovered and alerted an attacker to a messaging flaw using the Electrum wallet client to force an update prompt to pop up when a user transfers money, inducing users to update and download malware to carry out a currency theft attack. Recently, slow fog technology anti-money laundering (AML) system through continuous tracking found that one of the attackers wallet address bc1qc... p2kny has stolen more than 30 BTCs for six months and has been active recently. Slow Fog alerts Electrum users to update prompts, the new version of Electrum in this update prompt is likely to be false, if installed, please promptly transfer Bitcoin out in another security environment. At the same time, slow fog called on the vast number of cryptocurrencies exchanges, wallets and other platforms of the AML wind control system black and monitor such as the above Bitcoin address. This update tip is a phishing attack by an attacker who exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). At the time of the madness, malicious ElectrumX servers accounted for as many as 71% of the total, and according to incomplete statistics, hundreds of bitcoins have been stolen in this phishing attack over the past year or so. Although in early 2019 Electrum officials have said they want to adopt some security mechanisms to prevent this kind of update fishing, such as: 1. Patch Electrum client does not display rich text, does not allow arbitrary messages, only strict messages; Patch ElectrumX server implementation detects Sybil Attack (i.e. witch attacks, malicious servers that send phishing messages) and no longer broadcasts them to clients; Implement blacklisting logic to alert malicious servers outside the Electrum client view; Promote social networking sites, websites, and all forms of communication that exist with users, who should always run the latest version and always only install from official sources (electrum.org), access through security protocols (https), and verify GPG signatures in advance. However, many users of Electrum are still in the old version (less than 3.3.4), the old version is still under threat, but slow fog does not rule out that the new version will have a similar threat.

  3. electrum requests box, electrum

    2021-04-05

    At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.

  4. electrum litecoin transaction fee, Transaction fees

    2021-04-05

    LTC founder Li Qiwei tweeted that Litecoin Core 0.15.1 rc1 had been released with a test address. Earlier, Li Qiwei tweeted that the new version of the Litecoin network fork is less likely, the minimum transit fee (minimum relay fee) reduced to 0.00001 LTC/kB, in preparation for the next version to further reduce transaction fees, may be reduced to 0.0001 LTC/kB.

  5. electrum not valid wallet address, electrum wa

    2021-04-05

    Lightweight Bitcoin Wallet Electrum announced that the next version will support Lightning network payments, implemented with Python, an electrum network node where wallet users do not need to run Lightning network nodes themselves to make payments, and electrum's Lightning network nodes have now been merged into the Electrum master branch.

  6. electrum xpub address, electrum.bitcoin.xpub_from_pubkey

    2021-04-05

    This isn't the first time Thatectrum has appeared in a fake version, with hackers developing a fake encrypted wallet, Electrum, in December, resulting in the theft of nearly 250 bitcoins worth about $1 million. In January, GitHub discovered a fake Electrum wallet called "Electrvm" designed to steal users' money. In February, users of encrypted wallets Electrum and MyEtherWallet reported that they were facing phishing attacks.