Blockchain.info, Electrum Wallet.
Bitcoin Future： electrum server irc
According to the dimensionality reduction security laboratory (johnwick.io), hackers launched a denial of service (DoS) attack on the well-known wallet Electrum server. The hackers used a botnet of more than 140,000 computers to attack Electrum nodes and deployed malicious nodes at the same time . When users connect to these malicious nodes and use the old version of Electrum to send transactions
Basic integration with the electrum server (experimental feature, turned off by default)
The Electrum development team also warned them that they had nothing to do with a project called Electrum Dark: they used our name without our permission. Be careful with the altcoin version of Electrum, as they are sometimes used as vectors to install malware against your real Bitcoin wallet.
When an Electrum wallet queries a third-party Electrum server, the server can link two transactions together and know which address is a zero address.
According to Johnwick.io, we will continue to monitor and track the further flow of funds after a recent user submitted a coin-losing incident claiming that the download used an Electrum wallet had been phishing and that more than 700 bitcoins had been lost, and that the stolen address had been added to the Devi AML system. It is reported that malicious websites (electrumsecure) fake Electrum website phishing attacks, to guide users to download and use the wallet, in order to steal the user's private key and other sensitive data. Devi Security Labs is here to remind users not to install unknown sources of Electrum wallets, to avoid asset losses. Electrum Official Website: electrum.org Electrum Phishing Website: electrumsecure.
Digital wallet developer Electrum has released an emergency patch saying it found a vulnerability that could lead any website hosting Electrum to steal a user's digital currency, exposing passwords to the JOHNSONRPC interface and ingelling hackers full control of the wallet. Earlier, Electrum released the first patch, but it didn't seem to solve the problem, and they released a second update urgently Sunday night local time.
Digital Wallet Electrum was hacked, losing 250 bitcoins.
At the time of writing, at least 1,450 BTCs (stolen by one user, antimalware firm Malwarebytes and Electrum) had been stolen in phishing attacks that faked Electrum upgrade tips, with a total value of approximately $11.6 million.
Electrum tweeted today about the incident, saying it was "a persistent phishing attack on Electrum users" and imploring users to check the effectiveness of the resources they log on to.
Bitcoin Wallet Electrum confirms a phishing attack against its users, reminding them not to download Electrum Wallet software from any channel other than the official website. Earlier media reports said Electrum users had maliciously stolen millions of dollars worth of cryptocurrencies. Hackers create Electrum wallet software with malicious code, induce users to download, and trick users into providing login information such as passwords to commit theft.
To continue, users must activate their two-factor authentication (2fa) to add additional security. In 2fa, users can download Google Authenticator and sync their account with their ItBit account. The user will then have to scan the QR code of their account in the authenticator to activate 2fa. After the user tries to log in, he receives a 6-digit code on the registration number.
Electrum hackers pre-empted a large number of "normal" electrum servers on the P2P network.
An interesting feature of Electrum is that it supports third-party plug-ins and can bring other functionality to it. And some of these plug-ins support multi-signature wallets (separate the permissions to consume token between wallets) and hardware wallets. Compared to BitcoinCore.
We don't know if we're in a request, so let's assume we're always in a request. Here, it doesn't matter because our requests and responses look the same (because there are no named parameters and payloads in the principal)