Topic: The attack on Electrum servers seems to be over (Read 255 times)

legendary
Activity: 3472
Merit: 10611
With the nature of Electrum servers, which allow anyone to connect (except for blacklisted known IPs used for DDoS/malicious activity), it's over for now.

The attacker will find another way as long as they have the money and the will to do it.

For fun these days I decided to run my own Electrum server, since I have a full Bitcoin node synced and all... And I got one called "Electrum Personal Server". Lo and behold, it made the Electrum wallet work like Bitcoin Core or better. So if the public servers go down I could always use mine now. Next I could try running ElectrumX or the other one, not sure which is better, but if I do, I would run it only over Tor as a hidden service...

It probably is better if you run ElectrumX, since it is the most used and because of that it has the least amount of bugs. But you shouldn't ignore the alternatives either. The only thing to consider when running an alternative is to check whether it is actually an "alternative implementation", or the same thing translated into another programming language, or a simple wrapper around the main one with additional features.
legendary
Activity: 2030
Merit: 1569
With the nature of Electrum servers, which allow anyone to connect (except for blacklisted known IPs used for DDoS/malicious activity), it's over for now.

The attacker will find another way as long as they have the money and the will to do it.

For fun these days I decided to run my own Electrum server, since I have a full Bitcoin node synced and all... And I got one called "Electrum Personal Server". Lo and behold, it made the Electrum wallet work like Bitcoin Core or better. So if the public servers go down I could always use mine now. Next I could try running ElectrumX or the other one, not sure which is better, but if I do, I would run it only over Tor as a hidden service...
legendary
Activity: 3668
Merit: 6382
what is to be gained from such an attack!!??

Many people are still on older versions.

And this is a big problem, because versions older than 3.3 would only connect to the bad servers and will also show the scammy update message.
This is what they gain from the attack: there are still real chances of catching uninformed users who update to their clone of Electrum.
legendary
Activity: 2688
Merit: 3983
I assume they are attacking the Electrum's servers so their malicious ones can be the only ones working. The user will try servers/close and reopen Electrum until one synchronizes (the bad one), which will give him the “please update” fake message.
Many people are still on older versions.
If this is true and there is a profit from these attacks, do not expect them to disappear soon.
There will be tours that will continue from time to time until profits reach zero.

Also, do not rule out attacks made to try to distort the Electrum wallet's reputation for other new rising wallets.
legendary
Activity: 3682
Merit: 1580
They probably moved on to targeting altcoin clients.
legendary
Activity: 2758
Merit: 6830

- I have a question, what is to be gained from such an attack!!??

+ Thanks in advance.
Quoting my post in another thread:

I assume they are attacking the Electrum's servers so their malicious ones can be the only ones working. The user will try servers/close and reopen Electrum until one synchronizes (the bad one), which will give him the “please update” fake message. Obviously this only works in old versions, but the servers are the same, so we all can feel the attack.

This just increases the chances of an uninformed user getting phished.
jr. member
Activity: 35
Merit: 2

- I have a question, what is to be gained from such an attack!!??

+ Thanks in advance.
sr. member
Activity: 770
Merit: 268
My Electrum has been running smoothly since yesterday even though I've used automatic selection. But that's not a guarantee that the same attack or problems happen in the future unless there's an official fix to prevent such a thing from happening. So far, AFAIK, Electrum node runners have mitigated this problem by blocking the IP addresses that were used to attack their servers, as HCP mentioned, so that's probably the reason why it seems the attack was stopped.
HCP
legendary
Activity: 2086
Merit: 4361
I wouldn't be confident enough to say it is "over"... I suspect that IP list of the DDoS botnet that got released (and was constantly being updated) might have mitigated the attack to the point that the network is more or less running "OK".

No doubt it is quite expensive trying to spool up more and more devices as they are constantly being rendered useless.

I'd be more prone to say that this "round" is over...



legendary
Activity: 2730
Merit: 7065
At the moment there is no official announcement from Electrum on their Twitter or Reddit pages. The official site offers no information that the attack is over either.
https://twitter.com/ElectrumWallet
https://www.reddit.com/r/Electrum/
full member
Activity: 340
Merit: 164
I have no problems anymore, everything is running smoothly again and synchronizing fast and without problems.

Is the attack over?