Hacking attack results in theft of over 200 Bitcoins out of users’ Electrum wallets
A hackers' gang managed stealing over 200 bitcoins valuing some USD 720K from Electrum Bitcoin users. The crypto exchange is a bitcoin client of open-source kind that relies on certain client-server platform. On December 21, the hackers started their operation; however, GitHub administrators have tentatively halted it.
The perpetrators duped end-users into downloading and installing an update of malicious program. For this they included rogue servers into Electrum's network which in case communicated with would show one error message and after that one upgraded client message which connected with one illegitimate GitHub repository. Upon taking down the malicious program, end-users were asked for their 2F validation code enabling the hackers towards moving out Bitcoins from the wallet of victims into the hackers' own bitcoin purse.
According to an Electrum administrator, an assault is on against end-users wherein Internet-connected systems flag exceptions at the time a client speaks of certain transaction. Within the current instance, the error message gets exhibited like it's inside GUI of the client. By generating plentiful servers or Internet-connected systems on various /16 IPv4s, the hackers raised their possibilities of making a connection. End-users are made to take down and plant malware, which is a fake electrum update, if they act upon the error missives. Siliconangle.com posted this, December 27, 2018.
A team member of Electrum wallet named SomberNight states that upon getting news of the hacks, the team quietly made their wallet app up-to-date in order that the attack missives which encourage the downloading of malware didn't render in the form of HTML text any further. Apparently, according to SomberNight, Electrum developers had detected 33-or-more rogue Electrum servers which had been included into the Electrum network, with the possibility of 40-50 even.
Instances of the above kind of hacking have spread widely in connection with crypto-currencies. During 2018 alone, nearly $1bn of crypto-currencies have been lost in theft. The reason is mainly with end-users' lack of dexterity in handling crypto wallets. Such end-users are usually fresh in the crypto world while aren't adept at recognizing the different ways hackers ensnare for theft of credentials and funds.
» SPAMfighter News - 1/2/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!