B: Electrum server can customize messages to appear in the user's electrum light wallet software, giving hackers a chance to broadcast phishing messages.
Bitcoin Future： electrum cleaver
Another upgrade under study is the release of a new version of the Electrum-LTC desktop wallet. Electrum-LTC is an SPV wallet that can be used in Windows, Linux, and OS X operating systems.
Bruce Cleaver, chief executive of De Beers, further noted that tracking the number of diamonds is good for the industry.
Dynamic . . . Slow fog: Electrum "updates phishing" currency theft attack supplement alert.
Electrum hackers pre-empted a large number of "normal" electrum servers on the P2P network.
Bitcoin wallet service Company Electrum has been hacked, resulting in the loss of user funds. In response to the attack, Beosin Chengdu Chain Security made an analysis: This wallet Electrum was attacked, mainly because the use of the kivy framework is using a standard py compiler and wallet does not do anti-secondary packaging protection, the core file can be directly recompiled back to the py file. Attackers can imitate the code, directly join the code to steal the user's password, key after the secondary packaging, and then cooperate with other attacks, tempt users to install the wallet implanted with malicious code, thereby stealing the user's password, key and other sensitive information.
According to Bleeping Computer, the BTC wallet app Electrom accused a phishing product called Electrum Pro of stealing a user's seed key on May 9 on GitHub and registering a domain name called electrum without Electrum's permission. The Electrum team noted that there was a piece of code indicating that the counterfeit product might have taken the user's seed key and uploaded it to the electrum. Affected users should transfer funds from BTC URLs managed by Eletrum Pro.
In this way, as long as a sequence of integers is determined, a unique child public-private key pair can be generated from the parent public-private key pair. If you only need a child public key, you can generate all child public keys without touching the parent private key.
As of press time, phishing attacks that forged Electrum upgrade notifications have stolen at least 1,450 BTC (the number stolen is officially counted by a user, anti-malware companies Malwarebytes and Electrum), with a total value of approximately $11.6 million. It is worth mentioning that Electrum versions lower than 3.3.4 are vulnerable to such phishing attacks. Users who use Electrum wallets should update to the latest version Electrum 3.3.8 through the official website (electrum.org). At present, v4.0.0 has not been officially released. Version, please do not use the link in the prompt message to update, so as to avoid loss of assets
You may have noticed an important difference between the MyMonero type and the Electrum seed type. MyMonero creates a viewing private key by hashing a random integer, while the Electrum type hash pays the private key. This means that the seeds of 13 and 25 words are not compatible - it is not possible to create an Electrum type account that matches the MyMonero type account (and vice versa) because viewing key pairs is always different.
Founded: Electrum is an open source source that was originally released in November 2011.
However, after electrum officials said in early 19th that some security mechanisms should be put in place to prevent this "update phishing", many users of Electrum are still in the old version.
In this demo, Electrum developer Chris Belcher shows how to set up and use electrum personal servers.
UBTC Electrum supports transfer-to-contract UI interface (test chain)
Users of MyEtherWallet and Electrum, previous cryptocurrencies wallets, are now facing phishing attacks.