In a recent attack, Electrum, the well known Bitcoin wallet was attacked by unscrupulous hackers, who reportedly stashed away over $750,000 worth of Bitcoin.
Apparently the attack that began on December 21, 2018, continued for a period of seven days. The attack ceased when the Electrum Team alerted the GitHub Admins who took down the hacker’s GitHub repository, barring any further download of the malware. However, if reports are to be believed, that is not a long-term fix, and more cyber attackers could use the same method in future.
The Attack
The hackers used 33 rogue servers to generate fake notifications, which contained a download link. The fake notification that was sent out by the attackers then urged the users to download a security update and provided a link to GitHub page. Unknown to the users, they ended up downloading a Malware.
A pre-existing vulnerability in Electrum’s wallet made way for this attack, as it enabled the hackers to do their worst by using the 33 fake Electrum servers. Next the attackers sent out notifications to Electrum users asking them to download a security update. Finally the user was asked to enter the 2FA code and the Bitcoins were swept away.
The attackers first used fake servers to show a false error message to the Bitcoin Wallet’s Users, redirecting them to download an update through a notification. The link provided was however, that of a Malware, which was later exploited to steal over 200 Bitcoins from Electrum wallets, which roughly sum up to around 750,000 US Dollars.
The Present Status
According to an Electrum Developer, the issue is not yet completely fixed, because although a patch has been released, the flaw is deep-rooted in Electrum’s ecosystem. Therefore, there is every possibility of another such attack in the near future.
Electrum wallets were considered highly secure because they operate in a manner quite different than the rest. Here, there is no need for a user to download the entire Blockchain, instead, the job is made easier by the wallet’s remote servers.
Let us know your thoughts in the comments section.