Digital wallet developer Electrum has released an emergency patch saying it found a vulnerability that could lead any website hosting Electrum to steal a user's digital currency, exposing passwords to the JOHNSONRPC interface and ingelling hackers full control of the wallet. Earlier, Electrum released the first patch, but it didn't seem to solve the problem, and they released a second update urgently Sunday night local time.
Bitcoin Future： como transferir bitcoins para carteira electrum
According to Reddit user u/normal_rc, electrum's wallet was hacked and nearly 250 bitcoins (243.6 BTCs, nearly $1 million) were maliciously stolen, according to coinelegraph. Electrum then confirmed that the attack included creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is a persistent phishing attack on Electrum users" and warned users not to download Electrum from any source other than the official website.
Book a holiday home in Il Garovaglio, Como, Italy, and get 750 GN.
This "update tip" is not an official act of Electrum, but a phishing attack by an attacker that exploits a message flaw on the Electrum client and the ElectrumX server, which requires the attacker to deploy the malicious ElectrumX server in advance, and the malicious server is localized by the user's Electrum client (because the Electrum client is a light wallet and the user needs the ElectrumX server to broadcast the transaction). In a frenzy, malicious ElectrumX servers account for as many as 71% of the total, and the show doesn't fully count, and hundreds of bitcoins have been stolen in this phishing attack over the past year or so.
Electrum is one of the most popular Bitcoin wallets and now supports Lightning Network payments.
Qtum Electrum synchronously updates electrum-related code and releases v0.18.9.
This kind of time to get off must be fast, watching it not how to fall move do not bet, get off directly.
Another upgrade under study is the release of a new version of the Electrum-LTC desktop wallet. Electrum-LTC is an SPV wallet that can be used in Windows, Linux, and OS X operating systems.
At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.
In a forum post on Bitcointalk, website administrator Theymos explained: "If at any time in the past you've logged in to Electrum without a wallet password and opened a web page, your wallet might have been stolen." Particularly paranoid people may want to send all bitcoins (BTCs) from their old Electrum wallets to the newly generated Electrum wallet. "
Electrum-LTC is a simple but powerful Litecoin wallet. Like its predecessor, the Electrum-Bitcoin wallet, the open source wallet is available on GitHub and anyone can view or upgrade the code.
In contrast, another wallet, Stratis Electrum, is a simplified trading client.
Litecoin high volatility, the previous increase is too large, so temporarily in the correction stage, although today's correction range is more, but did not change the rising trend of Litecoin market, continue to be bullish.
Bitcoin Wallet Electrum will support the Lightning network in the next release, and its Lightning nodes have been merged into electrum's main branch, according to Cointegraph. Electrum also confirmed that the wallet will be written in-house development Python.
Users of Bitcoin wallet Electrum are facing a phishing attack, according to the Devi Security Lab. Hackers broadcast messages to the Electrum client through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install this "backdoor-carrying client", the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.