Connect with us

Bitcoin

Hacker steals 200BTC from Bitcoin Electrum Wallet

BlockClutch Team

Published

on

Hacker steals 200BTC from Bitcoin Electrum Wallet

This is not the first time something like this has happened, but this sure is a huge amount!

An anonymous hacker (or even consortium of hackers) have stolen almost $1 million value of Bitcoin (BTC), reports tech media outlet ZDNet. Per the report, the Electrum Wallet, a favorite open-minded project based in mid-June 2011, has been broken at a “smart attack

The assault, that has since been supported by the staff behind the enterprise, supposedly consisted of a fictitious message appearing on consumers’ official Electrum-based software, which empowers users to go to a website.

In case the link given has been clicked, then it would lead sufferers into some seeming Electrum-branded GitHub repository, that comprised a malicious variant of Electrum which would steal customers’ Bitcoin holdings.

This particular attack allegedly started on December 21st but has been lately ended (perhaps only briefly ) from GitHub admins, who purged the malicious download documents. But how did the strike work?

Well, as clarified by ZDNet, the hacker supposedly added heaps of”malicious servers” into the Electrum system, so when a user plans to generate a trade, the hacker-backed server answers with an error message which asks users to see the fictitious GitHub. After downloading, the program would ask for users to enter 2FA code, which has been sent to the attacker, then subsequently allowing BTC to be snatched.

Also Read: Bitcoin Exchange Huobi announces Post-Christmas layoffs

Electrum admins have supposedly since disallowed the concept from being largely legible, therefore this moderate of assault is probably breathing its final breaths. Still, the simple fact of the matter is that ultimately, the hackers netted 200+ BTC, roughly valued at ~$740,000 in the time of composing. Other reports show that the assault garnered 250+ BTC to get hackers, but these amounts have not been verified.

Not The Initial Attack On Electrum

Interestingly, this is not the first time that the favorite wallet alternative was assaulted by bad actors. Earlier this season, in early-May, the Bleeping Computer reported the Electrum group had seen an undercover individual/group make a copycat of the flagship product, naming it”Electrum Pro”

The program, that closely resembled its bonafide counterpart, was subjected as a vector of attack which malicious people may exploit, stealing Bitcoin personal keys in the procedure.

At a post-mortem of the assault (of types ), that went for upwards of 2 weeks, it was clarified that there were several glaring red flags. Electrum Pro allegedly used Electrum’s logo and brand without consent, while also buying the rights to get the Electrum.com domain name, which was near-identical into the valid group’s .org domain.

Also Read: Hundreds of Crypto Projects depicts signs of plagiarism, fraud and unlikely returns

After evaluation, it was also shown that in Guru’s code, especially lines 223-248 of all electrumpro_keystore.py, a method has been incorporated that enabled attackers to upload customers’ keys for nefarious purposes. While the Electrum Professional strike has been dismantled, both above instances reveal the hackers are still poised to assault on the cryptosphere, despite a bear market.

Tipped by Rajeesh Nair, Tech Blogger from India

Trending

Copyright © 2019 BlockClutch | All Content Rights Reserved