Pages:
Author

Topic: Bitcoin stolen. Electrum exploit / phishing - page 2. (Read 410 times)

legendary
Activity: 1792
Merit: 1283
December 28, 2018, 04:52:56 AM
#6
Thanks for sharing it here, I definitely would have missed this news, since I barely visit Reddit any more.
Luckily I only use Electrum to receive small amounts, but it would have sucked if I'd fallen for this.

It prompted me to check out the official Electrum Github page, just so I can memorize that account.

Regardless, I think I'll just always download the binaries from their official website and update manually.
newbie
Activity: 51
Merit: 0
December 28, 2018, 04:29:26 AM
#5
no wonder there is a warning when i opened my account.  these hackers are one of the reasons why people lose their confidence with crypto... something ought to be done about this. really sad.  Sad Angry
legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
December 28, 2018, 04:24:07 AM
#4
There's a few harsh lessons to unpack here.

When downloading a new wallet release, make sure you're on the genuine site. In this case, it was a fake Github repository. The official Github wasn't compromised, nor was electrum.org.

Next, always verify the release signature. This is how to do that for Electrum. I would also recommend using Electrum as an offline wallet for additional security.
legendary
Activity: 1288
Merit: 1926
฿ear ride on the rainbow slide
December 28, 2018, 04:07:47 AM
#3
Unfortunately such attacks are very common and you can't be careful enoug so it's good to use every possible protection you can implement. Hackers are very active and will always misuse any vulnerability they find.
In this case they've taken really nice sum of Bitcoin and there is nothing that could be done about it.

Yes it is unfortunate. Awareness reduces victims.

Electrum generally is a good product. There is a lot to be learned from exploits.

Where this phishing is unique is that it is prompted by a visit to the genuine site. So it is a Electrum server exploit prompting users to be phished.
legendary
Activity: 2912
Merit: 1068
WOLF.BET - Provably Fair Crypto Casino
December 28, 2018, 03:42:23 AM
#2
Unfortunately such attacks are very common and you can't be careful enoug so it's good to use every possible protection you can implement. Hackers are very active and will always misuse any vulnerability they find.
In this case they've taken really nice sum of Bitcoin and there is nothing that could be done about it.
legendary
Activity: 1288
Merit: 1926
฿ear ride on the rainbow slide
December 28, 2018, 03:28:02 AM
#1
Initially reported on Reddit it is now mainstream news:

https://www.financemagnates.com/cryptocurrency/news/hackers-steal-250-btc-from-electrum-bitcoin-wallets/

Quote
Hackers Steal 250 BTC from Electrum Bitcoin Wallets
When ‎the user opens his wallet app, he will be redirected ‎to download a fake update created by scammers.

The official Electrum Github confirms the exploit / phishing attack.

The user appears to connect via the genuine wallet and is prompted to upload a fake "update". As part of the "update" they are prompted to enter their 2FA code. This is then used by the attackers to empty their electrum wallet.

Updates do not require a user to enter their 2FA


https://github.com/spesmilo/electrum/issues/4968

Quote
There is an ongoing attack against users where servers raise exceptions when a client broadcasts a transaction; in this case the error text is displayed as is in the client GUI. The attacker has spawned lots of servers on different /16 IPv4s to increase his chances of being connected to. The error messages are trying to get the user to download and install malware (disguised as updated versions of electrum



Quote
There wasn't really any extra information given, however most likely the following happened:

user was using legitimate electrum client
connected to an electrum server operated by the attacker
user tried to broadcast a txn
server replied with an error containing the above rich text message



Pages:
Jump to: