Phishing attack on crypto wallet Electrum has claimed multiple victims and allows the perpetrator to empty Bitcoin wallets.
Subsequently confirmed by Electrum itself, the attack consists of creating a fake version of the wallet that fools users into providing password information.
“The hacker setup a whole bunch of malicious servers,” Reddit user u/normal_rc explained:
“If someone’s Electrum Wallet connected to one of those servers, and tried to send a BTC transaction, they would see an official-looking message telling them to update their Electrum Wallet, along with a scam URL.”
Affected users report trying and failing to log in to their wallets after providing their two-factor authentication code — something Electrum does not in fact request during login. The hackers then empty the wallet balance.
“[W]hen I logged on it immediately asked me for my 2 factor code which I thought was a little strange as well as Electrum usually only asks for that when you attempt to send,” one victim continued in another Reddit post, adding:
“I kept trying to send and kept getting an error code ‘max fee exceeded no more than 50 sat/B [satoshis per byte]’ I then restored my wallet on a separate pc and found that my balance had been transferred out in full[.]”
According to u/normal_rc, several addresses are feeding into one main holding address, which currently contains 243 BTC.
Electrum posted about the incident on Twitter today, stating “[t]here is an ongoing phishing attack against Electrum users” and implored users to check the validity of the resource they were logging into.
“Our official website is https://electrum.org[.] Do not download Electrum from any other source,” the tweet continued.
source : cointelegraph.com
▶ ‘에이코인(ACOIN)” 은 전 세계 오프라인 금거래 시장에서 금의 안전한 거래를 위해 사용하는 프로토콜 암호화폐이며, 코인월드 에이코인(ACO) 전용마켓 오픈 예정
▶ 한미중일 4개국 합자투자로 탄생한 코인월드, ‘에이코인'(ACOIN) 국내 최초 상장 협의중으로 4/16 사전 예약 실시
▶ Coin world, ACOIN listing Discussion
▶ Cryptocurrency exchange coin world, advance booking on next 16th