The Electrum Bitcoin wallet and some of its users have fallen victim to a well-planned hack. The hackers employed multiple malicious servers to fool wallet holders into upgrading their wallets, after which they were robbed of their Bitcoin (BTC) balances.
It all began last week on Friday, December 21. When a user tried to log on to their wallet and send some bitcoins, they were greeted by an ‘official looking’ message that asked them to run an update before moving forward. A GitHub link was provided to follow for the upgrade.
The first user who reported the hack noticed two strange things about the link. First, it wasn’t an official link from the Electrum site. Second, unlike a standard link that opens on clicking, the provided link had to be copied and pasted into the browser window.
The user proceeded to copy and paste the link and downloaded the application. After the app was downloaded, the user logged back in. Notably, the system asked them for their 2-factor authentication, which is only requested during a fund transfer. Afterward, the user made multiple attempts to send their BTC, but each time they received an error message saying, “max fee exceeded no more than 50 sat/B”.
Only when the user decided to restore their wallet on a different PC did they realize that the entire balance of their wallet had been transferred to an unknown address. The user also noted that Electrum wasn’t downloading from its official website, which implies that the platform was experiencing a DDoS attack.
The latest report on the hacker suggests that the hacker has managed to steal funds from many innocent victims and has stolen up to $1 million so far.
Hacks in 2018
The crypto space has been plagued with hacking incidents for quite some time. In fact, in 2018 alone, hacking incidents have amounted to almost $1 billion in cryptocurrencies. While the security of blockchain is a valid concern, the lack of knowledge among users is a massive issue as well.
Many new users do not understand the various traps that hackers have laid for them and fall prey to their schemes. For instance, being asked to copy and paste a link as part of a seemingly random request to update your wallet could be a clear sign that something is not right. The user should first verify the source of the request. These platforms are often pretty open about their update schedule, and one should confirm on the official website before clicking any link. Users should also screenshot such messages and send them to the support team at the official website to verify the link.