Electrum Faces Another Fake Wallet Attack, Users Reported to Lose Millions of Dollars

Published on by Cointele | Published on

Mentioned in this article
Bitcoin wallet service Electrum is facing an ongoing Denial-of-Service attack on its servers, the company reported on Twitter on April 7.

According to tech news website The Next Web, the new attack has caused users to lose estimatedly millions of dollars to date, with a single person alone reportedly losing about $140,000.

The ongoing DoS attack was allegedly launched by a malicious botnet of more than 140,000 machines, and aims to steal users' Bitcoin by referring them to fake versions of Electrum software.

According to The Next Web, the attackers have even implemented their own Electrum servers hosting compromised Electrum versions in order to realize the hack.

After users sync their vulnerable Electrum wallet with a malicious server, they are directed to "Update" their client with a hacked version, which eventually leads to an immediate loss of funds that were contained in the old versions, the report explains.

The website also urges users to not download Electrum software from any other source than electrum.org.

In the recent announcement on Twitter, Electrum recommended its users to disable the auto-connect option and select their server manually, while the company is working on a more robust version of the Electrum server in order to fix the issue.

In December 2018, Electrum faced a similar attack that led to a loss of about $937,000 worth in Bitcoin.

As reported by Cointelegraph, the attack consisted of building a fake version of the wallet that tricks users into providing password information.

Recently, online video distribution giant YouTube was reported to erroneously run a malicious advertisement for Electrum wallet, which again contained a malware version of the software.

x