
Bitcoin (BTC) Wallet Electrum, Fake MacOS App, Steals User Keys

Sat, 03/06/2021 - 14:13
Vladislav Sopov
Cybersecurity analysts disclosed two attacks against one of the most secure Bitcoin (BTC) wallets ever, Electrum

According to a report by Confiant, a top-level cybersecurity expert, the macOS application for the Bitcoin (BTC) wallet Electrum has been compromised: attackers deployed fake binaries with backdoors. How many Bitcoins (BTC) have been stolen so far?

Beware: do not update your Electrum

Confiant's white-hat hacker, Taha Karim, detected that the macOS version of the popular Bitcoin (BTC) wallet Electrum was compromised. Attackers injected malicious code into electrum/ and electrum/ repositories.

Electrum wallet apps are compromised
Image via Twitter

Google Firestore's cloud tools were used in this attack. Confiant's experts traced the fraudulent domains to which the "updated" version of Electrum redirects data.

Also, one of the Windows versions of Electrum was infiltrated with similar malicious code. This attack is part of a "malvertising" scam that asks Bitcoin (BTC) holders to immediately update their wallet software.

With sophisticated routing tools, malefactors steal private keys, passwords and even the Bitcoin (BTC) riches of those who installed their malware.

$115,000 stolen at least

Actually, Electrum wallet has fallen victim to a series of attacks. Confiant's cybersecurity experts traced some Bitcoin (BTC) wallets involved in this scam.

One of the attacks alone managed to steal $115,491 in Bitcoin (BTC) from crypto holders who installed the fake "updates." While some of the infiltrated binaries have already been deleted, Confiant warns all Electrum users:

We do not know how much BTC the first attackers made, but we do know the second attackers made around $115,491.44. Stay safe out there.

It should be noted that, from 2018 to 2020, the Electrum wallet was targeted by numerous sophisticated attacks. Typically, they involved spreading fake binaries presented as an "update." Aggregate losses may have surpassed tens of millions of dollars.

About the author

Blockchain Analyst & Writer with scientific background. 6+ years in IT-analytics, 3+ years in blockchain.

Worked in independent analysis as well as in start-ups (, Monoreto, Attic Lab etc.)