Analysis . . . Bitcoin wallet Electrum "update phishing" currency theft continues.
Bitcoin Future： electrum group 1mdb
You buy bitcoins anonymously with cash and send them to your Electrum wallet.
Ormandy claims to have discovered the vulnerability, even though it was flagged last year. Within hours of Ormandy pointing out the vulnerability, Electrum came up with a patch to fix it.
According to information posted on social media on December 27th, Electrum's wallet was hacked and nearly 250 bitcoins ($937,000) were maliciously stolen, coinelegraph reported. Electrum later confirmed that the attack included creating a fake version of the wallet and tricking users into providing password information. Reddit user u/ normal_rc that hackers set up a large number of malicious servers. Electrum responded on Twitter today that "this is a persistent phishing attack against Electrum users" and implored users to check the effectiveness of the resources they log on to.
As for the "password minimum term of use", refers to how many days can not change the password, and the evaluation requirements basically have nothing to do, do not care.
Wallet: Electron Cash Wallet, Badger Wallet.
As of press time, phishing attacks that forged Electrum upgrade notifications have stolen at least 1,450 BTC (the number stolen is officially counted by a user, anti-malware companies Malwarebytes and Electrum), with a total value of approximately $11.6 million. It is worth mentioning that Electrum versions lower than 3.3.4 are vulnerable to such phishing attacks. Users who use Electrum wallets should update to the latest version Electrum 3.3.8 through the official website (electrum.org). At present, v4.0.0 has not been officially released. Version, please do not use the link in the prompt message to update, so as to avoid loss of assets
Chain News, lightweight Bitcoin Wallet Electrum announced that the next version will support Lightning network payment, implemented using Python, Electrum as a Lightning network node, wallet users do not need to run lightning network nodes to make payments, electrum lightning network nodes have been merged into the Electrum master branch.
When Electrum wallets are synchronized with malicious servers, they are instructed to "update" clients provided by hackers, resulting in the loss of assets contained in older versions. Previously, in December 2018, Electrum.
Electrum Litecoin maintains tamper-proof remote servers. All information is verified by Simplified Payment Verification (SPV). It provides full accessivity by allowing you to export the private key to other Litecoin clients.
At present, every time you place a bet, the system will give you a certain percentage of DICE, these DICE can be used to bet, but only to win DICE.
The malware hard-coded a combination of username and password configuration information containing the initials KKNPP for the Kudankulam nuclear power plant.
Electrum is a world-renowned Bitcoin light wallet with a long history of multi-signature support and a very broad user base, many of which like to use Electrum as a cold wallet or multi-signature wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a message flaw that allows an attacker to send update prompts through a malicious ElectrumX server. This update prompt is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may be tricked. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more. This captured currency theft attack is not stealing the private key (electrum's private key is generally stored with two-factor encryption), but replaces the transfer destination address when the user initiates the transfer. In this slow fog remind users, transfer, need to pay special attention to whether the destination address is replaced, which is a very popular recent way to steal money. It is also recommended that users use hardware wallets such as Ledger, and if you pair it with Electrum, although the private key does not have any security issues, you should also be alert to the replacement of the destination address.
According to Johnwick.io, we will continue to monitor and track the further flow of funds after a recent user submitted a coin-losing incident claiming that the download used an Electrum wallet had been phishing and that more than 700 bitcoins had been lost, and that the stolen address had been added to the Devi AML system. It is reported that malicious websites (electrumsecure) fake Electrum website phishing attacks, to guide users to download and use the wallet, in order to steal the user's private key and other sensitive data. Devi Security Labs is here to remind users not to install unknown sources of Electrum wallets, to avoid asset losses. Electrum Official Website: electrum.org Electrum Phishing Website: electrumsecure.
Mnone word type (determination or "Electrum"): In this type, all keys are derived from a separate payment private key, known as a seed. Viewing the private key is derived by paying the private key in Kecack-256 hash to produce a valid EdDSA stunder. These accounts are easy to back up because you only need to write down the seeds (usually in base-1626 mone phrases)