Topic: Multiple Qs prompted by the phishing attack re opsec/vulnerability (Read 334 times)

Just switch to a hardware wallet and make your life easier.

The malware can't make a Trezor screen tell you lies.

Do it one wallet at a time to ensure the never more than one loaded wallet is exposed at a given time.

In addition to this, and while you're at it, I'd consider a cross-platform multisig for those wallets you really don't want to lose anything from.

Attackers are generally only able to attack one piece of the software. The last phishing attack only attacked computers. If you have another wallet on your phone for authenticating everything then you start to make things a lot more secure. An basic android phone or tablet (even an old one) might only set you back $100-1000 at most and it's worth the investment for the added security it'll give you (about as helpful as a hardware wallet as apps generally aren't able to communicate with each other quite as easily in android). Although I'd prefer it to a hardware wallet as there's less of a likelihood the phone producer will steal everything.

Yeah... exactly. You're relying on the malware makers to be very lazy and implement a very simple and "immediate" attack. A "delayed" attack will certainly defeat that setup.

Encrypting the wallet files (possibly with different passwords) and checking/verifying the digital signatures of downloaded installers is really the best form of defense.

That's not the perfect solution.. Just encrypt your wallets.

There are time-based malware. What if you decrypt everything and after a month or a few days, all your keys are sent to a main server. They then batch broadcast a load of transactions and all your coins are gone (this IS about as possible as the last attack).

Yes! That sounds like just what I'm looking for! I will check into the portable version.

"BadElectrum"™ only getting the one associated wallet before i discover the breach is a small price to pay for more peace of mind. (though with a name that catchy, perhaps it deserves more)


I did DL and checksum GPG4win on a 'disposable' device but didn't finish installing and GPG verifying the DL yet, but ill eventually get comfortable with it.

I think I understand what you're saying... you're wanting each Electrum instance to only have access to ONE wallet file... so if you accidentally update with a "BadElectrum"™, only the contents of that one wallet will be at risk...

If you are on Windows and use the "Installer" or "Standalone" versions... then no, it will store your wallet files in your "%AppData%/Electrum/wallets" folder... However, if you use the "portable" version, it looks for (and/or creates) a "wallets" sub-folder in the folder where you execute the .exe from...

So... if you created a random directory somewhere... ie. "SuperSecretElectrumFolder"... and then created subdirectories for each wallet... and put a unique copy of the portable .exe in those subdirectories, it would essentially do what you're looking for.

Starting with:
C:\MyElectrumFolder\wallet1\electrum-3.3.4-portable.exe
C:\MyElectrumFolder\wallet2\electrum-3.3.4-portable.exe
C:\MyElectrumFolder\wallet3\electrum-3.3.4-portable.exe
...
C:\MyElectrumFolder\walletX\electrum-3.3.4-portable.exe


After running each portable.exe and creating a wallet, you would then end up a folder structure like this:
C:\MyElectrumFolder\wallet1\electrum-3.3.4-portable.exe
C:\MyElectrumFolder\wallet1\wallets
C:\MyElectrumFolder\wallet1\wallets\default_wallet

C:\MyElectrumFolder\wallet2\electrum-3.3.4-portable.exe
C:\MyElectrumFolder\wallet2\wallets
C:\MyElectrumFolder\wallet2\wallets\default_wallet

C:\MyElectrumFolder\wallet3\electrum-3.3.4-portable.exe
C:\MyElectrumFolder\wallet3\wallets
C:\MyElectrumFolder\wallet3\wallets\default_wallet

...

C:\MyElectrumFolder\walletX\electrum-3.3.4-portable.exe
C:\MyElectrumFolder\walletX\wallets
C:\MyElectrumFolder\walletX\wallets\default_wallet

When you run any of the portable.exe's it would only see the "default_wallet" file that exists in it's own folder structure...


However, as Abdussamad has already indicated... you can't really know for certain that a malware version of Electrum isn't doing things other than just sending your coins or seed to a thief... it's quite possible it could be installing all sorts of rogue scripts, processes, viruses, keyloggers etc...

This portable.exe setup would ONLY save you from the very "basic" attack that involves waiting until you start the fake wallet, open your wallet, enter password and sending either the decrypted seed or autosending a transaction containing all your coins.

Verifying the digital signature of the Electrum installer or portable.exe files is the best way to safeguard from fake versions of Electrum.

You can set a password via wallet > password. Be sure to write down the seed before you do this in case you forget your password. Seed can be referred to via wallet > seed.

I've already explained above that if you install malware nothing on your system will be safe. The only step you can take is to not install malware in the first place. Learn to verify the gpg sig so you don't install malware by accident.

Ya, I have no reason to believe there is anything wrong with my current (un-GPG verified) installation of electrum but i am far less safe than i believed i was if a malicious electrum install can sweep coins from all wallets/seeds on the device.

I follow the steps here every time i generate an address to receive bitcoin:
https://bitcoinelectrum.com/creating-an-electrum-wallet/#comment-7419
(Standard, New seed, Legacy, password-left blank which now seems like some degree of mistake)

What steps should i take so in the future should i install a corrupted version of electrum client that only the contents of the active seed/wallet would be lost, not other wallets on the same device?

IE:
Electrum client (corrupted)>>
-wallet0 (old) >BTC(spent, dust, unimportant)
-Wallet1(ACTIVE) >BTC (stolen)
-Wallet2 >BTC (safe)
-Wallet3 >BTC (safe)
-Wallet4 >BTC (safe)
-Wallet5 >BTC (safe)
.......
.....

^^ is that possible? What steps do i have to take?

Once you install malware on a system you should consider that entire system compromised. Installing multiple copies of electrum won't do anything for you.

However if this is a general question regarding support for multiple wallets then that is definitely there. You can create new wallets and switch between them.

The installer has "2013-2018 Electrum technologies GmbH" under copyright and under Digital Signatures, name of signer (without 2013-2018) with a timestamp of Wednesday February 13, 2019 4:57:17 PM but that is a different type of verification than the GPG4win method which is the only signature verification method i have seen suggested.

Whenever I run my wallet it gives me the run or cancel dialog which it would do for you on install I think.

It says its signed by "electrum technologies Gmbh" for me and I don't remember importing keys for it...


Generally sometimes it'll say unknown publisher but if you click on properties it usually doesn't once its signed.

Ya its definitely on me for not seeking out these answers sooner, but I'm working through the appropriate paranoia now, hopefully while incurring no losses due to lax procedures in the past.


so using wallets with strong passwords will leave just the active wallet vulnerable at any given point? (I'd be happy with that)


Windows 10 (i thought windows was the OS without a native process for it)

To be honest. It's slightly on you for not setting a password. If you had a strong password on all the other wallets then you can consider those safe.

What OS are you using? Windows has a built in way to check signatures and so does Linux. (although debian and Ubuntu have usually outdated stuff). I don't like installing anything related to signature validation either but its more likely the key for that is on your computer already.

Password protecting the wallet is the only solution. A malicious wallet can copy your entire file system. In the background while you don't notice (it could actually be doing it now theoretically). Heuristics can track down these sort of files easily.

Thank you for the detailed reply.

The GPG process involves installing software that i haven't verified, which could itself be malware. I couldn't figure out a way past that dilemma. Its a chicken or the egg situation if i already have btc on the device.


I imagine I am not the first to mention this but just in case...

It seems like an inelegant design to have no way to protect various wallets from the client. (malware that would seek out and open wallets should get flagged by scans, unlike hard coded send addresses employed in some of these attacks), that cant be a relatively easily remedied oversight in design can it, because it seems quite valuable to add if it is possible? (fingers crossed for future versions)

Also is there a way to install several instances of electrum on a single device, one for each seed? (are there other lite clients comparable to electrum?)

The simplest most intuitive way for someone less savvy to protect themselves from catastrophic loss is "not putting all your eggs in one basket"

(or more appropriately, not putting all your eggs in 3 baskets when you could spread them over 30 or 300. Losing 1/3 of your btc is devastating losing 1/300th would make you relieved you were alerted to a security issue cheaply by comparison)

All this tells you is that you correctly downloaded the same file. It doesn't tell you whether this file is legit electrum or fake electrum. That's why we do gpg signature verification. When you do that you are checking that the maintainer has signed the file in addition to checking that you downloaded it correctly. If you trust the maintainer ThomasV then you can trust the download.


You can still gpg verify the download so I suggest doing that. That'll make your life a lot easier. Here's a guide. You learn how to do this once it serves you every time you need to update electrum going forward. Electrum gets updates a lot so you will need this knowledge.



The wallet file is encrypted with the password you set in electrum. So the attacker gets access to your coins as soon as enter the password. If you never do that he doesn't get access to your coins although there's still the possibility that he installed other malware on your PC. It's also possible that he may get your encrypted wallet secrets and attempt to brute force your password at his convenience. So if you never entered the password you should still move your coins to a new wallet.


You can't. If the wallet is malware it doesn't matter what you do you will lose your coins.


Reinstall the OS, download, gpg verify and install genuine electrum and then move your coins to new wallets with new autogenerated seeds. You can create a new wallet via file > new/restore, enter a unique filename and click next for the rest of the steps.


Learn to gpg verify the download and save yourself the headache and worry.

Aah, OK, that was well over my head but i think i kind of understand the general idea now.

Hopefully there is something local i could do to keep the various seed/wallets isolated from one another so the only wallet vulnerable to a potentially corrupted client would be the currently active one.

At this point my best guess would be to find and delete the wallet.dat files of all wallets and restore one by one from seed. (or restore them as a format that doesn't allow more than one to be stored in "recent" at a time but i don't know how to do that or if its possible)

Post 3 paragraph 2 is what I was replying to? How to stop that exact sort of attack from happening. Pool owners can put transactions into blocks without them being broadcast. Bitmain and f2pool I know of have special software for including their own transactions.

I think you meant this for a different thread

Back when transaction fees were high and people needed to pay for transactions to be confirmed more than normal, pools used to offer a transaction acceleration service. You could try contacting the owner of f2pool I think they're active on the forum (I'm not sure of their name though you could pm quicksellers first in order to get it).

Edit: the owner is macbook-air but he's been away for a while https://bitcointalksearch.org/user/macbook-air-16114. Message a few pools support with the transactions.

they all hash identically despite different names given to copies of what i assume are the same file.


In the immediate sense what i would want to avoid is the situation where the BTC from other wallets havent been stolen yet, but somehow they will be when i attempt to broadcast a transaction or generate a new seed in a compromised client.

Otherwise they are already gone and i cant do anything about that, or they are already as safe as they were before the new installation.


It does bother me that i had thought i was being clever protecting myself by separating funds into different wallets every time i receive new btc but it occurs to me now that very much may not be the case.