Author

Topic: [2018-05-09] BTC Wallet Electrum Exposes Malicious Copycat (Read 163 times)

legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
Wow, there is need to get this kind of message to everyone but unfortunately, some people who will fall scam of this because a lot who are not conversant with the latest news might read about upgrade and just decide to go through Google and the moment they type Electrum the suggestions comes up which would further lead loss of funds. I wonder what people stand to gain by going extra effort just to steal people resources when such effort can be channelled towards making of a working product that would add value to the community.

I'm sure that they many has bee victimized by this so called Electrum Pro specially newbies who just type Electrum in Google and downloading the fake one. And the devs behind Electrum have been bombarded with so many complaints that they have to do something about it. And now they have proven it to be such cases. I do hope that this news will reach everyone who wants to get Electrum otherwise they will be another statistics. As for the reason for doing it? fast money. They should be tagged as cyber "criminals" and should be dealt with the full hands of the law.

This site is down for days and domain is for sale, whoever tried to make fake Electrum site failed to do so because of very strong pressure from crypto community. I do not think there was any or too many victims of this phishing site, but it should be kept in mind that will always be such attempts.

But when Google ban crypto related advertising, with Twitter and Facebook bans and latest Bing announcement, then it will be very hard to trick users with fake sites/wallets.
legendary
Activity: 3080
Merit: 1353
I'm sure that they many has bee victimized by this so called Electrum Pro specially newbies who just type Electrum in Google and downloading the fake one. And the devs behind Electrum have been bombarded with so many complaints that they have to do something about it. And now they have proven it to be such cases. I do hope that this news will reach everyone who wants to get Electrum otherwise they will be another statistics. As for the reason for doing it? fast money. They should be tagged as cyber "criminals" and should be dealt with the full hands of the law.
hero member
Activity: 798
Merit: 503
Wow, there is need to get this kind of message to everyone but unfortunately, some people who will fall scam of this because a lot who are not conversant with the latest news might read about upgrade and just decide to go through Google and the moment they type Electrum the suggestions comes up which would further lead loss of funds. I wonder what people stand to gain by going extra effort just to steal people resources when such effort can be channelled towards making of a working product that would add value to the community.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
Damn they even have the guts to create a Google ad with their website to promote their malware and another shocker is the domain name "electrum.com" is what they are using, electrum in the first place should have bought the domain name as people will take advantage of the availability. The malware is without a doubt dangerous for existing electrum users who will re-install or install electrum to their new desktop, just inputting your private key to the fake one means a done deal for them. But any careful person won't fall for this kinds of easy tricks, from a way too different site design to a semi-altered logo you will know the difference from the fake to the real one.

Electrum is trying to buy that domain back in 2012, but owner is asking too much money(allegedly the price asked is in range of buying house) , and I assume today price is even bigger - so new owner is invest money in domain/site and of course he is trying to make some profit//Google ads is an excellent choice - cheap and efficient.

There is a thread in Electrum board with more info regarding this problem, users should use Google Safe Browsing to report such sites, and they will be removed with time.In the meantime only site for official Electrum is https://electrum.org/#home

More info here : https://bitcointalksearch.org/topic/electrum-we-now-have-proof-electrum-pro-is-malware-3654369

hero member
Activity: 1680
Merit: 655
Damn they even have the guts to create a Google ad with their website to promote their malware and another shocker is the domain name "electrum.com" is what they are using, electrum in the first place should have bought the domain name as people will take advantage of the availability. The malware is without a doubt dangerous for existing electrum users who will re-install or install electrum to their new desktop, just inputting your private key to the fake one means a done deal for them. But any careful person won't fall for this kinds of easy tricks, from a way too different site design to a semi-altered logo you will know the difference from the fake to the real one.
sr. member
Activity: 546
Merit: 252
Popular bitcoin wallet service Electrum has released evidence demonstrating that copycat client “Electrum Pro” is “bitcoin-stealing malware.”

First launched in 2011, Electrum has long been one of bitcoin’s most popular wallet clients, and many users trust the wallet for its proven security, ease-of-use, and its support for advanced features like multisig authentication and compatibility with hardware wallets like Ledger and Trezor.

Recently, a new wallet that goes by a similar name — Electrum Pro — popped up with the domain name, electrum.com, clearly attempting to divert users from the official website at electrum.org.

The team behind Electrum now claims Electrum Pro is a malware meant to steal bitcoins. To make things worse, Electrum Pro comes above the legitimate Electrum on Google search because of Google Ads, a fact that will clearly trip up many users.

The team behind Electrum has given a detailed explanation on Github which anyone can follow to find the rogue lines of code on Electrum Pro which steals recovery seeds and sends them to the attackers.

Aecovery seed is a feature in most modern wallets where random words are generated that can be used to recover a wallet if the keys are lost. Once these keys are transmitted, the scammers can use it to retrieve user wallets along with all their funds.

This is not the first time a fraudulent Electrum wallet has appeared. Scammers have registered similar domains, hosting an infected version of the software for users to download. However, this is the first time scammers have been able to use the electrum.com domain.

The website looks reasonably professional, and it is hard to identify it as a fraud unless you have been to the original site before. They have a slightly different logo and claim to be a fork of the legitimate Electrum wallet.

Electrum claims the malware is only available in the Windows and OS X versions of ElectrumPro. The Linux version remains unaffected, probably because the scammers did not want to have it in plain sight.

To combat these problems, Electrum recommends users check the GPG signatures before they start using the wallet. In addition to GPG signatures, Electrum is working towards verifying the wallet using Windows native scheme. Also, some point, they intend to have the official app on Mac App Store to avoid similar scams.

If you have recently installed Electrum, make sure you installed the official version from electrum.org and not from any other source. If you mistakenly used the malicious wallet, move your bitcoins immediately and remove the application from your computer.

https://www.ccn.com/bitcoin-stealing-malware-btc-wallet-electrum-exposes-malicious-copycat/
Jump to: