A hacker (or a group of hackers) has successfully stolen over 200 Bitcoin which is worth $750,000 (as of today’s price) after it used a clever attack on the infrastructure of Electronum Bitcoin wallet.
December 28, 2018 | AtoZ Markets -The Electrum Bitcoin wallet has been attacked and over 200 Bitcoin has been stolen after the attacker(s) lunched a malicious wallet app with an unauthorized Github repository. This is according to ZDNET . The hacker(s) has made over $750,000 from this activity. The attack started when users saw a legitimate Electrum wallet app displaying a message on their computer screens, urging them to download a malicious wallet update. The attack started last Friday, 21st December and appears to have been temporarily halted today by Github admins.
How The Attack Was Carried Out
In order to acquire users’ Bitcoin, the attackers added several malicious servers to the Electrum wallet network. When the users of Electrum wallet initiate a Bitcoin transaction, it reaches one of the malicious servers and an error message is displayed which then ask them to download a wallet app update. The wallet app update was linked to a malicious website. When the users launch the updated malicious app, it asks them for a two-factor authentication (2FA) code. When the 2FA code is provided, the malicious server installed in the app would transfer the users’ fund into the attacker’s Bitcoin addresses.
How Electrum Has Reacted So Far
When Electrum noticed this, it quickly changed these server messages from rich-formatted texts to less legitimate plain text. Github eventually deleted the malicious repository from its system. The admins of Electrum expect a new attack to commence, with either a new Github repository or another download location. Users are still vulnerable to this attack until the admins of the wallet can successfully render the attack unusable for the attacker. These malicious servers still remain on the Electrum system – at least 33 of them have been identified by Electrum developers.
Think we missed something? Please share with us in the comment box below.