Electrum admins have purportedly since stopped the message from being displayed legibly, so this avenue of attack is likely drawing its last breaths.
The attack resulted in legitimate Electrum wallet apps showing a message on users' computers, urging them to download a malicious wallet update from an unauthorized GitHub repository. Starting on Friday (Dec. 21, 2018), hackers began tricking Electrum wallet users into downloading an update, which turned out to be from a malicious source.
The bad actor set up the attack by creating multiple fake servers on the Electrum wallet network. The malicious servers also remain on the Electrum network - in fact, Electrum developers have identified at least 33 of them. Once a user initiates a BTC transaction that reaches one of these servers, an error message pops up.
If the users followed through and downloaded the update, a malicious version of the Electrum wallet would be downloaded and would ask the user for a two-factor authentication (2FA) code.
Another attack has hit the cryptospace - this time, the target was the Electrum Bitcoin Wallet.
CasaHodl CTO Jameson Lopp, a veteran software developer, explained that users who connect to their own Electrum server were unaffected by the hack.
The attack, which has since been confirmed by the team behind the venture, purportedly consisted of a false message appearing on users' official Electrum-based applications, which beckoned consumers to visit a site.
Several comments on Reddit also back up Lopp's statements saying that those running full nodes have no reason to worry.
If the link was clicked, it would lead victims to a seemingly Electrum-branded GitHub repository, which contained a malicious version of Electrum that would steal consumers' Bitcoin holdings. After the Electrum team silently upgraded its app in response to attack reports, these messages no longer rendered in the same format and started looking fake.
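A generic client-side mitigation for the message vector described above, added here as an example: treat error text returned by a server as untrusted, display it only as inert plain text, and flag the traits this phishing message relied on. It is not Electrum's code or its actual fix; the function name, flag names and sample message are constructed for illustration.

```python
import html
import re

# Assumption: the wallet receives a free-text error string from a server it
# does not control whenever a transaction broadcast is rejected.
MAX_LEN = 200
TAG_RE = re.compile(r"<[^>]*>")
URL_RE = re.compile(r"(?i)\b(?:https?://|www\.)\S+")
LURE_RE = re.compile(r"(?i)\b(update|upgrade|download|install|new version)\b")
CONTROL_RE = re.compile(r"[\x00-\x08\x0b-\x1f\x7f]")
SPACE_RE = re.compile(r"\s+")

# Constructed sample, modelled on the behaviour the article describes.
SAMPLE_PHISH = (
    "<b>Error:</b> outdated client. "
    "<a href='https://example.invalid/wallet'>Download the security update</a>"
    " from https://example.invalid/wallet"
)


def render_server_error(raw: str) -> dict:
    """Return inert display text plus flags suitable for logging."""
    flags = []
    if TAG_RE.search(raw):
        flags.append("markup")        # server tried to send rich text
    if URL_RE.search(raw):
        flags.append("url")           # error text should never carry links
    if LURE_RE.search(raw):
        flags.append("update-lure")   # "download/update" wording
    text = CONTROL_RE.sub(" ", raw)
    text = TAG_RE.sub("", text)                   # drop tags and their hrefs
    text = URL_RE.sub("[link removed]", text)     # never show a clickable target
    text = SPACE_RE.sub(" ", text).strip()[:MAX_LEN]
    # Escape what is left so a rich-text widget would still show it literally.
    return {"text": html.escape(text), "flags": flags}


if __name__ == "__main__":
    for msg in (SAMPLE_PHISH, "min relay fee not met"):
        print(render_server_error(msg))
```
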
We did not publicly disclose this until now, as around the time of the 3.3.2 release, the attacker stopped; however they now started the attack again. This is a red flag, as these 2FA codes are only requested before sending funds, and not at wallet startup. Other reports indicate that the attack garnered 250+ BTC for hackers, but these numbers haven't been confirmed.
Admins of the Electrum wallet expect a new attack to soon get underway, with either a new GitHub repo or a link to another download location altogether.
Phishing attacks are one of the many means used by cybercriminals to steal cryptocurrency.
Do you think the Electrum Devs will be able to find a lasting solution to this new phishing hack?