Users Report Losing Bitcoin in Clever Hack of Electrum Wallets (zdnet.com)

A hacker — or potentially a group of hackers — has made over 200 Bitcoin (circa $750,000 at today’s exchange) using a clever attack on the infrastructure of the Electrum Bitcoin wallet over the last one week. From a report: The attack resulted in legitimate Electrum wallet apps showing a message on users’ computers, urging them to download a malicious wallet update from an unauthorized GitHub repository. The attack began last week on Friday, December 21, and appears to have been temporarily stopped earlier today after GitHub admins took down the hacker’s GitHub repository. Admins of the Electrum wallet expect a new attack to soon get underway, with either a new GitHub repo or a link to another download location altogether. This is because the vulnerability at the heart of this attack has remained unpatched, albeit Electrum wallet admins taking steps to mitigate its usability for the attacker.

Powered by WPeMatico