Bitcoin (BTC) Wallet Electrum, Fake MacOS App, Steals User Keys
According to a report by top-level cybersecurity expert Confiant, the macOS application of the Bitcoin (BTC) wallet Electrum has been compromised: attackers deployed fake binaries with backdoors. How many Bitcoins (BTC) have been stolen so far?
Beware: do not update your Electrum
Confiant's white-hat hacker, Taha Karim, detected that the macOS version of the popular Bitcoin (BTC) wallet Electrum was compromised. Attackers injected malicious code into the electrum/util.py and electrum/storage.py files.
Google Firestore's cloud tools were used for this attack. Confiant's experts traced the fraudulent domains that the "updated" version of Electrum redirects data to.
Also, one of the Windows versions of Electrum was infiltrated with similar malicious code. This attack is part of a "malvertising" scam that asks Bitcoin (BTC) holders to immediately update their wallet software.
With sophisticated routing tools, the attackers steal private keys, passwords and even the Bitcoin (BTC) funds of those who installed their malware.
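For defenders, the finding that electrum/util.py and electrum/storage.py were modified suggests a direct check, shown here as an added example that is not from Confiant's report or the Electrum project: compare those two files in an installed copy against a reference copy you already trust, then list the added lines and any newly introduced URL hosts. The directory layout, the function names and the sample file contents are assumptions constructed for illustration.

```python
import difflib
import hashlib
import re
import tempfile
from pathlib import Path

# The two modules the report names as modified.
WATCHED = ("electrum/util.py", "electrum/storage.py")
HOST_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")

def sha256(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def audit(reference_root, suspect_root):
    """Compare the watched modules in a suspect tree against a trusted tree."""
    findings = {}
    for rel in WATCHED:
        ref, sus = Path(reference_root) / rel, Path(suspect_root) / rel
        if not sus.is_file():
            findings[rel] = {"status": "missing", "added": [], "new_hosts": []}
            continue
        if sha256(ref) == sha256(sus):
            findings[rel] = {"status": "match", "added": [], "new_hosts": []}
            continue
        ref_txt = ref.read_text(errors="replace")
        sus_txt = sus.read_text(errors="replace")
        # Drop the two unified-diff header lines, keep only inserted lines.
        diff = list(difflib.unified_diff(ref_txt.splitlines(),
                                         sus_txt.splitlines(), lineterm="", n=0))[2:]
        added = [line[1:] for line in diff if line.startswith("+")]
        new_hosts = sorted(set(HOST_RE.findall(sus_txt)) - set(HOST_RE.findall(ref_txt)))
        findings[rel] = {"status": "modified", "added": added, "new_hosts": new_hosts}
    return findings

def demo():
    """Build two constructed trees (not real Electrum code) and audit them."""
    clean = "def write(data):\n    return len(data)\n"
    # Constructed tampering: one extra line with a placeholder upload URL.
    tampered = clean + 'UPLOAD = "https://collector.example.invalid/v1/docs"\n'
    with tempfile.TemporaryDirectory() as tmp:
        for name, storage in (("reference", clean), ("suspect", tampered)):
            pkg = Path(tmp, name, "electrum")
            pkg.mkdir(parents=True)
            (pkg / "util.py").write_text("def to_bytes(s):\n    return s.encode()\n")
            (pkg / "storage.py").write_text(storage)
        return audit(Path(tmp, "reference"), Path(tmp, "suspect"))

if __name__ == "__main__":
    for rel, result in demo().items():
        print(rel, result)
```

The check is only as good as the reference tree, so the reference copy has to come from a source whose authenticity was verified independently of the update prompt.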
At least $115,000 stolen
Actually, the Electrum wallet has fallen victim to a series of attacks. Confiant's cybersecurity experts traced some of the Bitcoin (BTC) wallets involved in this scam.
Just one of the attacks managed to steal $115,491 in Bitcoins (BTC) from those crypto holders who installed the fake "updates." While some of the infiltrated binaries have already been deleted, Confiant warns all Electrum users:
We do not know how much BTC the first attackers made, but we do know the second attackers made around $115,491.44. Stay safe out there.
It should be noted that, from 2018 to 2020, the Electrum wallet was targeted by numerous sophisticated attacks. Typically, they involved spreading fake binaries as an "update." Aggregate losses may have surpassed tens of millions of dollars.