There has been report about a phishing attack on the Electrum wallet network. According to findings, this new attack has resulted in the loss of 245 bitcoins, worth over $880,000.
Warning about the attack which happened on Thursdays, the company stated in a tweet that, “There is an ongoing phishing attack against Electrum users. Our official website is https://electrum.org Do not download Electrum from any other source.”
The hacker who was able to gain access to wallet addresses of multiple users created fake servers on the Electrum wallet network. Consequently, when wallet users who connected via those serves tried to broadcast a bitcoin transaction, they received error reports which provided them with malicious link to a disguised updated wallet.
According to Electrum, “To make the attack more effective, the attacker is creating lots of servers (sybils), hence increasing the chance a client would connect to him.”
Earlier Thursday, an active Reddit user posted a bitcoin address the attacker is using to move the stolen funds from several addresses used in the hack. If this is true, it means the attacker has now managed to steal 245 BTC, an amount worth $884,000
In an effort to prevent a repeat, Electrum has now released a new version of its wallet of Github page, adding that, “This is not a true fix, but the more proper fix of using error codes would entail upgrading the whole federated server ecosystem out there.”
Electrum further added that:
“We did not publicly disclose this until now, as around the time of the 3.3.2 release, the attacker stopped; however they now started the attack again.”
Without mincing words, cases of cryptocurrency hacks are growing by the day even as criminals continue to seek an easy path to quick riches. A recent post by blockchain security firm CipherTrace states that nearly $1 billion in cryptos have been stolen so far this year with the trend likely to gain more momentum next year.