• The DigitalBank Vault

Hackers new tactic to steal crypto over from the users of a popular bitcoin wallet



Admins of popular Bitcoin wallet, Electrum, are warning users of a phishing attack that tricks its users into downloading a malicious update that steals their password codes. According to ZDNet, these hackers added tens of malicious servers to Electrum' wallet network which, when triggered, prompts users to download a wallet update containing malicious code. Users of this updated version will be asked to enter their 2-factor authentication code, which the hackers will use to access their wallet—emptying their balance. Hackers were able to steal over 200 bitcoins, approximately $730k at the time of this writing.

According to ZDNet, the core issue for Electrum is that it allows "popups with custom text" to trigger in a user's wallet interface.  This enables attackers to get direct access to their victim's interface and render authentic-looking server messages like the one below.



According to Electrum's developers, these attacks began on December 21 and while the developers have taken down the hacker's GitHub repository, which contains the malicious code, they have yet to patch the main attack vector. Developers warn that another attack may soon be underway.

0 views

DigitalBank Vault Limited

Irish Square, Upper Denbigh Road, 

St Asaph Denbighshire LL17 0RN, UK

Company number 11988551

(Limited Liability Registered in England & Wales)

International Calls & Whatsapp  : +372 57347873

 

Contact Email : team@digitalbank.capital  

Telegram : @timothyweiss 

LinkedIn:  http://linkedin.com/in/moty-weissbrot-42bb06162