An ongoing hack against the cryptocurrency wallet Electrum has seen a party steal almost 250 Bitcoins. The attack relies on a fake version of the wallet which allegedly fools users into providing their passwords.
“The hacker set up a whole bunch of malicious servers,” Reddit user u/normal_rc explained: “If someone’s Wallet is connected to one of those servers, and they tried to carry out a BTC transaction, they would see an official-looking message telling them to update their Electrum Wallet, along with a scam URL.”
An Electrum developer posted details of the hack on GitHub in the last 24 hours, sharing a screenshot of the hackers' first false message and link, which they had managed to infiltrate into the Electrum user interface.
Affected users report trying and failing to log in to their wallets after providing their two-factor authentication code, something the wallet does not request during login. The hackers then empty the wallet balance.
“[W]hen I logged on it immediately asked me for my 2 factor code which I thought was a little strange as well as Electrum usually only asks for that when you attempt to send,” one victim continued in another Reddit post, adding: “I kept trying to send and kept getting an error code ‘max fee exceeded no more than 50 sat/B [satoshis per byte]’ I then restored my wallet on a separate pc and found that my balance had been transferred out in full[.]”
According to u/normal_rc, several addresses are feeding into one main address, which contains 243 BTC.
Electrum posted about the incident on Twitter today, stating that “there is an ongoing phishing attack against Electrum users”. It warned users to check the validity of the resource they were logging into.
There is an ongoing phishing attack against Electrum users. Our official website is https://t.co/aHiZIZH54e Do not download Electrum from any other source. More on the attack here: https://t.co/x5mPVspKfO
—(@ElectrumWallet) December 27, 2018
While wallet hacks are a recurring menace, there have been instances where not backing up wallets has left investors in the lurch. TCU reported on 9th December that a resident of Istanbul, Kerem Albayrak, claims to have lost $170,000 worth of cryptocurrency as he did not back up his recovery phrase properly. Albayrak explains in a Reddit post that he purchased an iMac and created a blockchain wallet so that he could transfer his funds from the hardware wallet.