Main navigation

Bitcoin (BTC) Wallet Electrum, Fake MacOS App, Steals User Keys

Advertisement
Sat, 6/03/2021 - 14:13
Bitcoin (BTC) Wallet Electrum, Fake MacOS App, Steals User Keys
Cover image via stock.adobe.com
Read U.TODAY on
Google News
Advertisement

According to a report by top-level cybersecurity expert, Confiant, the macOS application for Bitcoin (BTC) wallet, Electrum, has been compromised: attackers deployed fake binaries with backdoors. How many Bitcoins (BTC) have been stolen so far?

Beware: do not update your Electrum

Confiant's white-hat hacker, Taha Karim, detected that the macOS version of popular Bitcoin (BTC) wallet Electrum was compromised. Attackers injected malicious code into electrum/util.py and electrum/storage.py repositories.

Article image
Image via Twitter

Google Firestore's cloud instruments were utilized for this attack. Confiant's experts traced the fraudulent domains that the "updated" version of Electrum redirects data to.

Also, one of Windows versions of Electrum was infiltrated with similar malicious code. This attack is part of a "malvertising" scam that asks Bitcoin (BTC) holders to immediately update their wallet software.

Advertisement

With sophisticated routing tools, malefactors steal private keys, passwords and even the Bitcoin (BTC) riches of those who installed their malware.

$115,000 stolen at least

Actually, Electrum wallet has fallen victim to a series of attacks. Confiant's cybersecurity experts traced some Bitcoin (BTC) wallets involved in this scam.

Only one of the attacks managed to steal $115,491 in Bitcoins (BTC) from those crypto holders who installed fake "updates." While some of the infiltrated binaries are already deleted, Confiant warns all Electrum users:

We do not know how much BTC made the first attackers, but we do know the second attackers made around $115,491.44. Stay safe out there.

It should be noted that, from 2018 to 2020, Electrum wallet was targeted by numerous sophisticated attacks. Typically, they included spreading fake binaries as "update." Aggregate losses may have surpassed tens of millions of dollars.

Related articles

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement
Advertisement

Recommended articles

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD