Electrum Wallet Phishing Attack Leads To $1 Million Hack

By Boris Dzhingarov

An ongoing hack against Electrum has been reported. The company has published details about the phishing attack on GitHub. Because the attack has been successful, the hacker or hackers managed to steal close to 250 BTC.

The hack works through a fake version of the wallet that fools the user into entering password information, which then becomes visible to the attacker. On Reddit, user “normal_rc” highlighted the way in which the hack works:

The hacker set up a whole bunch of malicious servers. If someone’s Electrum Wallet connected to one of those servers, and tried to send a BTC transaction, they would see an official-looking message telling them to update their Electrum Wallet, along with a scam URL.

Affected users try to log in and fail after providing the two-factor authentication code, which is something that Electrum does not actually require. The hackers then get access to the account and quickly clean it out.

Hacked addresses were reported to feed into a single holding address, which holds over 240 BTC right now.

The good news is that Electrum quickly identified the attack and posted about it on Twitter while an investigation was started. As expected, the cryptocurrency wallet urged users to check resource validity whenever trying to log in. The most important part of the tweet was:

Our official website is https://electrum.org[.] Do not download Electrum from any other source.
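
As an added example (not code from Electrum or from the original article), one client-side mitigation for the server-supplied update message described above is to refuse to display server text that links anywhere other than the official site named in the tweet. The function names and sample messages are constructed for illustration, and the `.example` hosts are placeholders.

```python
import re
from urllib.parse import urlsplit

# Only host taken from the page: the official site named in Electrum's tweet.
# Exact match only, so subdomains and lookalikes are rejected (assumption).
OFFICIAL_HOSTS = {"electrum.org"}

# Matches explicit URLs and bare host names such as "host.tld/path".
_LINK_RE = re.compile(
    r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/:?#][^\s<>\"']*)?",
    re.IGNORECASE,
)


def extract_hosts(text):
    """Return the lower-cased host of every link-like token in text."""
    hosts = []
    for match in _LINK_RE.finditer(text):
        token = match.group(0)
        if "://" not in token:
            token = "http://" + token  # let urlsplit see a network location
        host = urlsplit(token).hostname  # drops userinfo, port and path
        if host:
            hosts.append(host.rstrip(".").lower())
    return hosts


def safe_to_display(server_message):
    """Return (ok, offending_hosts) for a server-supplied error string.

    ok is False when the message points at any host that is not on the
    allowlist; the wallet would then show a generic error instead.
    """
    bad = [h for h in extract_hosts(server_message) if h not in OFFICIAL_HOSTS]
    return (not bad, bad)


if __name__ == "__main__":
    # Constructed sample messages, not captured from the real attack.
    samples = [
        "Transaction rejected: fee too low",
        "Update required, see https://electrum.org before sending.",
        "Please update: https://electrum.org.wallet-update.example/download",
        "Get the new version at electrum-update.example",
    ]
    for msg in samples:
        print(safe_to_display(msg), "<-", msg)
```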

It is worth adding that cryptocurrency wallet hacks are not that frequent compared to those that affect online exchanges. Usually, successful online exchange hacks lead to a lot more money being lost. With hacks like the one against Electrum, lower amounts are bound to be gained. Even so, the value here is close to $1 million, which can be seen as a lot.

Always be careful what apps you use and where you download them from.