Author

Topic: Beware of electrum. !!! Stilling founds ? (Read 276 times)

legendary
Activity: 3080
Merit: 1353
April 08, 2019, 08:36:01 PM
#13
How does anyone usually receive software updates? Here's how: the software would display a pop-up message with a link to the update.

With that being said, we should've known by know that verifying a signature is a must to make sure we download the legit one. I feel sorry for OP but if he pays attention to Electrum download page (or any wallet download page), he should be aware that there's only one place to download Electrum and then he needs to verify the signature after he downloads it.

But of course, Electrum has to get better to prevent something like this from happening, which Electrum do right now even though it is slow.

I agree. Last month of so, electrum has been a target by the hackers, recently it was a this attempt, Electrum servers are currently under a DDoS attack. It is still one of the best wallet, if not the best, but if lots of users are losing money, then I wouldn't be surprise if they move their funds on another wallet service.
sr. member
Activity: 910
Merit: 351
How does anyone usually receive software updates? Here's how: the software would display a pop-up message with a link to the update.

With that being said, we should've known by know that verifying a signature is a must to make sure we download the legit one. I feel sorry for OP but if he pays attention to Electrum download page (or any wallet download page), he should be aware that there's only one place to download Electrum and then he needs to verify the signature after he downloads it.

But of course, Electrum has to get better to prevent something like this from happening, which Electrum do right now even though it is slow.
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
I'm with Abdussamad on this one...
But my main point was twofold:
  • FIRST and foremost: we can't blame the OP... He's a victim here, and i think he deserves our sympathy. He fell for a scam and lost money, everything we say is meaningless to him. The only one we can really blame for any scam is the scammer. Sure, he might use vulnerability's in order to scam his victim, but in the end it's his choice to take something that doesn't belong to him/her.
  • SECOND point: the OP was victimized because he followed a popup leading him to a wrong website where he downloaded a fake electrum version. All this was possible because he ran an outdated electrum version, followed a popup that prompted him to go to an unofficial webpage and didn't check the signatures of the files he downloaded... I think he has the right to warn people about this, but i think he's sending the wrong message... If he would have made a post with the title: "warning, always check electrum's signatures, i lost xxx BTC by using a fake version" I would have agreed with him 100%, but if he makes a post driving people away from one of the better SPV desktop wallets i have to disagree with him

Now, in hindsight, i have to agree that the initial vulnerability that allowed a malicious node to send a message to it's connected users was bad... Electrum is free and open source, over it's lifetime a couple vulnerability's have been found, and all have been fixed in a reasonably short time. Other wallets will surely also have vulnerability's to.

I still recommend everybody to store his/her funds in either an airgapped wallet, a properly generated paper wallet or a hardware wallet and only use desktop wallets for storing a couple hundred bucks worth of crypto (at most). I'd also keep recommending people never to use online wallets, exchange wallets or casino wallets. My recommendation for using electrum as a desktop wallet will not change, however i have started issuing warnings for people to always double check from where they download electrum and double check the signature before running any electrum binary...
legendary
Activity: 3682
Merit: 1580
It is careless because you're dealing with digital cash and if you're not careful your money will be stolen and you won't be able to get it back.

newbie
Activity: 3
Merit: 1
@Abdussamad @mocacinno

How does anyone usually receive software updates? Here's how: the software would display a pop-up message with a link to the update.

It is not unreasonable or careless to simply follow that link and install its content.

It really sucks that this happened to @btc2usd.biz. I don't see that they did anything extraordinarily careless or such...
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
I RECOMAND EVERYONE TO MOVE FUNDS FROM ELECTRUM ANYWAY ... !!!

Sorry for you loss, but for now, as far as i know, electrum does remain one of the safest SPV desktop wallets. Recommanding people to move away from electrum might be driving them towards inferior wallets.
The main problem here is that you downloaded a fake electrum version from a scammer. He used a known vulnerability in a previous electrum version that allowed him to send you a message when you connected to his node... This issue has been fixed in more recent versions, this doesn't mean the software is guaranteed 100% vulnerability-free, but i don't think there's a guarantee like that with any of the free software you use...

You're the victim here, so i won't be victim-blaming. You got scammed and i really feel sorry for you... But think about it like this: if a nigerian prince send you an email asking for $1000 promising he'll send $1000000 back, will you do this without verifying anything about his story just because you have a phone, he has a phone and he knows you phone number? Well, you downloaded a version of electrum just because somebody sent you a message telling you to do this. Granted, the message looked pretty convincing, but so does the story told by the "real" nigerian prince Sad

Bitcoin is money, don't trust anybody, verify all signatures, never give away your private keys, use encryption and strong (unique) passwords whenever possible, keep your pc clean,...
newbie
Activity: 55
Merit: 0
I RECOMAND EVERYONE TO MOVE FUNDS FROM ELECTRUM ANYWAY ... !!!
HCP
legendary
Activity: 2086
Merit: 4361
my problem is that i have dowloaded MALWARE the UPGRADE from official site.

.Krypt1k86 commented on Feb 13
Thanks! I'll check out that issue.
The customer was using 3.3.3.
He received a message in-app to update to 3.3.4 due to a vulnerability after trying to send a transaction.
clicked on the in-app link that was in the pop-up message.
After the upgrade from the in-app link to 3.3.4 (malicious software), although the funds were now swept, the wallet displayed as if the funds were still there and gave a message stating "Too high fee".

this describe my situation best ...!!!
What you have described IS the phising attack... Despite the "upgrade" link showing up in Electrum, it was a "fake" message from the thief, pointing to a fake version of Electrum that was NOT hosted on electrum.org. So, you have indeed installed a fake version of Electrum which has sent all your funds to the thief.

Unfortunately, those funds are not recoverable. Undecided
legendary
Activity: 3682
Merit: 1580
That's the phishing vulnerability. You installed malware. Sorry for your loss.
newbie
Activity: 55
Merit: 0
my problem is that i have dowloaded the UPGRADE from official site .





.Krypt1k86 commented on Feb 13
Thanks! I'll check out that issue.

The customer was using 3.3.3.
He received a message in-app to update to 3.3.4 due to a vulnerability after trying to send a transaction.
clicked on the in-app link that was in the pop-up message.
After the upgrade from the in-app link to 3.3.4 (malicious software), although the funds were now swept, the wallet displayed as if the funds were still there and gave a message stating "Too high fee".

this describe my situation best ...!!!

legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
It seems that you installed fake electrum wallet based in your statement.
Can you share the website where did you download the Electrum 3.3.4 and also for 3.3.3 I'm collecting phishing websites to report it to google and most of the well-known AVs and also to be aware of the phishing websites?

Also, to verify if you downloaded the Electrum wallet directly from the official website or the correct website URL.

You can post the website from this thread ⚠⚠️⚠~Beware on active phishing Electrum websites~⚠⚠️⚠ (Collection list updated)
So that other Electrum user's are aware of another phishing electrum site.
legendary
Activity: 2702
Merit: 4002
Where did you download that wallet? https://electrum.org/#download[/b]]https://electrum.org/#download  & verify download OS signature?.
I am afraid that you download a scam wallet [phishing scam]  this address "3JY8E6o77H8xWnhtQtAKnUPa2YFE3PA5BH" linked to the reporting of phishing scam wallet -----> LOST 8.55194 to the scam: Fool Of The Year Award.

If this is what happened to you, you downloaded a wrong wallet and lost your money.



Advise: Download the wallet from the official link and verify the signature.
newbie
Activity: 55
Merit: 0
good day . today i was login into my wallet and have seen that founds has disppear  from my account. the problem have start with the new updated 3.3.4 wallet ... there was allway as synchronising ... i got back to 3.3.3 version and my account on 0 .
any advise  ?
 
update :
founds have been sended to this address .!!
https://blockchair.com/bitcoin/address/3JY8E6o77H8xWnhtQtAKnUPa2YFE3PA5BH

can anyone give any advise ?
Jump to: