By Adam Thomas and Jérôme Segura, with additional contributions from Vasilios Hioueras and S!Ri

Since at least late December 2018, many users of the popular Electrum Bitcoin wallet have fallen victim to a series of phishing attacks, which we estimate netted crooks well over 771 Bitcoins, an amount equivalent to approximately $4 million USD at current exchange rates.

Threat actors were able to trick users into downloading a malicious version of the wallet by exploiting a weakness in the Electrum software.

As a result, in February the developers behind Electrum decided to exploit the same flaw in their own software in order to redirect users to download the latest patched version. The software was in such trouble that in March, developers began exploiting another vulnerability unknown to the public, essentially attacking vulnerable clients to keep them from connecting to bad nodes.

Shortly after, a botnet launched distributed denial of service (DDoS) attacks against Electrum servers for what is believed to be retaliation against developers for trying to fix the bug. Attackers reversed the scenario so that legitimate nodes became so overwhelmed that older clients had to connect to malicious nodes.

In this post, we shed light on the phishing scheme used to push the malicious Electrum update, discuss where the stolen funds have gone, and finally look at the malware infections directly involved with the DDoS botnet.

In order to get a better idea of how these attacks became so successful, it is helpful to have a basic understanding of how the Electrum wallet functions.

Known as a “lightweight” Bitcoin wallet, Electrum implements a variation of a technique described in Satoshi Nakamoto’s Bitcoin white paper called Simplified Payment Verification (SPV). SPV allows a user to send and receive transactions without downloading a full copy of the Bitcoin blockchain (which is hundreds of gigabytes in size).

Instead, Electrum operates in a client/server configuration. The wallet (client) is programmed by default to connect to a network of peers (server) in order to verify that transactions are valid.

While this has historically been a fairly secure method of transacting, attackers have taken advantage of the fact that anyone is allowed to operate as a public Electrum peer. As shown below, there has been a substantial increase in the number of peers active on the Electrum network.

Fake Electrum wallet update notification

On December 26, 2018, the developer of Electrum issued a public warning on the official GitHub page providing some information about an ongoing attack:

> To users: when you broadcast a transaction, servers can tell you about errors with the transaction. In Electrum versions before 3.3.3, this error is arbitrary text, and what's worse, it is HTML/rich text (as that is the Qt default).
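The developer warning quoted in this post describes the root weakness: a server-supplied error string was shown to the user as HTML/rich text. The following is an added example, not Electrum's own code, of treating that string as untrusted before display; the function name, the length cap and the sample messages are assumptions constructed for illustration.

```python
import html
import re
import unicodedata

MAX_LEN = 200  # assumed display cap, not a value taken from Electrum
_TAG_RE = re.compile(r"<[^>]{1,200}>")                  # anything shaped like markup
_URL_RE = re.compile(r"(?i)\b(?:https?://|www\.)\S+")   # links have no place in a tx error


def render_server_error(raw, max_len=MAX_LEN):
    """Return (display_text, suspicious) for an untrusted server error string.

    display_text is HTML-escaped, so a widget left on Qt's rich-text default
    shows any markup literally instead of rendering it. suspicious is True
    when the message carries markup or a URL and deserves logging or review.
    """
    if not isinstance(raw, str):
        return "Server returned a malformed error.", True
    suspicious = bool(_TAG_RE.search(raw) or _URL_RE.search(raw))
    # Replace control/format characters (Unicode category C*), such as
    # newlines, NULs and bidi overrides, then collapse runs of whitespace.
    cleaned = "".join(
        " " if unicodedata.category(ch).startswith("C") else ch for ch in raw
    )
    cleaned = " ".join(cleaned.split())
    # Truncate before escaping so an entity is never cut in half.
    if len(cleaned) > max_len:
        cleaned = cleaned[:max_len] + "..."
    return html.escape(cleaned, quote=True), suspicious


if __name__ == "__main__":
    # Constructed sample messages, not captured from any real server.
    samples = [
        "transaction rejected: fee too low",
        '<b>Security update required</b><br>Download from '
        '<a href="https://example.invalid/x">here</a>',
    ]
    for msg in samples:
        text, flagged = render_server_error(msg)
        print("SUSPICIOUS" if flagged else "ok", "|", text)
```

If the widget is switched to plain-text rendering instead, the escaping step should be dropped so entities are not shown literally; the markup and URL check applies either way.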