Almost 1M Dollar Made By Hackers Using Fake Electrum Update
Hackers always find new illegitimate ways to generate money and recently they targeted Electrum bitcoin wallet to do that. As reported in a security report, hackers has made more than 250 Bitcoin which is equal to about one million dollar. They have earned such a huge amount after the phishing attack on the bitcoin wallet. However, Electrum is considered as a safest bitcoin wallet but it is also targeted by criminals which show how sophisticated they are. The vulnerability of this bitcoin wallet is still unpatched and according to expert the attackers can take up the attack again with the help of a new repository. The clever attack was initiated in such a way that most wallet user’s can’t detect the evil trick.
Hackers Utilize Fake Version Of Electrum Wallet
According to Electrum, hackers manage this attack by using a fake version of the wallet. Hackers behind this attack managed to display misleading pop-ups inside the wallet of users. The text message was designed to look legitimate and authentic. The cyber crooks has made tons of unsafe server to access the main server of Electrum. It also make application users to start the transaction. Whenever user reach the malicious server during the transaction they get an error message. The error message want users to download the latest update from the given link to avoid the danger and to fix error during the transaction. Below you can see comment of one of the victim of this phishing attack :
“I kept trying to send and kept getting an error code ‘max fee exceeded no more than 50 sat/B [satoshis per byte]’ I then restored my wallet on a separate PC and found that my balance had been transferred out in full[.]”
As stated by the report, the malicious link provided to download update of Electrum wallet is nothing than a repository or GitHub. Users are unable to open that link just by clicking so they are asked to copy the link and paste it into their browser. If user open the malicious link they are redirected to fake Electrum wallet which look legitimate. Then the fake application want user to provide authentication code to proceed further. Once they get the authentication code to steal user’s fund and transfer them to their wallet.
Do Not Update Electrum Wallet To Prevent The Attack
According to security expert, user’s should avoid downloading the update. Ignore any pop-up message which you get while doing transaction. If the fake update is installed, it will empty the cryptocurrency wallet at the same time. So if you haven’t updated the app, you are lucky and do not attempt to do that. As stated by the company, only those user’s has been affected who have connected with the hackers malicious servers.
However it is not clear that if the attack is still ongoing or not but as always said prevention is the better option. The company is now updating their application. So user’s should wait for the real update which is available after making necessary changes. By downloading the real update customers can do their transaction without any risk.