In a blog post, Malwarebytes, an antimalware software company, said the number of infected Electrum Bitcoin wallets had reached 152,000 after the server was attacked by DoS, and the total amount of stolen funds had risen to $4.6 million, Cointegraph reported. The company identified a loader called Trojan.BeamWinHTTP, which also involved downloading previously detected Electrum DoSMiner. The largest number of robots are concentrated in Asia Pacific, Brazil and Peru, and botnets are growing to attack Electrum infrastructure.
Bitcoin Future： electrum bitcoin private sweep grey
Most of the wallets we use frequently are in this category, including Bitcoin Electrum, imtoken. The private key of this type of wallet is also the user's own, and is easy to use.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a message flaw that allows an attacker to send update prompts through a malicious ElectrumX server. This update prompt is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. In this slow fog remind users, transfer, need to pay special attention to whether the destination address is replaced, which is a very popular recent way to steal money. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.
In this demo, SatoshiLabs' CTO Pavol Rusnak shows how to send Bitcoin transactions via Electrum wallet and SMS to.
Sound . . . RelayX Founder: The Internet lacks the concept of micropayance, and every app should become a Bitcoin app.
So how do they get so much Bitcoin from criminals? Next, let's analyze the specific accounts in which illegal funds were received on both exchanges.
You can download electrum Bitcoin Wallet on the official website "electrum.org". Electrum is also available to users of Ledger Nano S, KeepKey, and TREZOR hardware wallets.
According to Bleeping Computer, the Bitcoin wallet app Electrom was on GitHub on May 9th, accusing a phishing product called Electrum Pro of stealing a user's seed key and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from Bitcoin URLs managed by Eletrum Pro.
The fact that not many people know is that Esplora is bundled with a based and optimized Electrum server. This Electrum server is derived from Electrs and is now maintained separately by the Blockstream engineering team. Over the past two years, Esplora has become one of the fastest and most scalable Electrum server solutions available for Bitcoin due to continuous updates and performance optimization. Esplora is also the only Electrum server that supports liquid networks.
In December 2018, Slow Fog first discovered and alerted an attacker to a messaging flaw using the Electrum wallet client, forcing an "update prompt" to pop up during a user's currency transfer operation, inducing users to update and download malware to carry out a currency theft attack. Although electrum officials said in early 2019 that some security mechanisms would be put in place to prevent this "update phishing", many users of Electrum are still in the old version (less than 3.3.4) and the old version is still under threat. However, we do not rule out a similar threat to the new version.
Bitcoin Nodes (Desktop: Linux, Mac, Windows)
Lightweight Bitcoin Wallet Electrum announced that the next version will support Lightning network payments, implemented with Python, an electrum network node where wallet users do not need to run Lightning network nodes themselves to make payments, and electrum's Lightning network nodes have now been merged into the Electrum master branch.
Users of Bitcoin wallet Electrum are facing phishing attacks, according to Johnwick.io. Hackers broadcast messages to the Electrum client through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install this "backdoor-carrying client", the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.
Note 2: Choose a change address, the excess Bitcoin balance will be sent to the change address, make sure to find the zero address is the bitcoin address you own.
For Xiaobai, the most friendly, safest and convenient multi-currency wallet is Mixin Messenger, which has been introduced in the previous chapter.