Electrum announced on April 7, 2019, that it had been targeted in a fake wallet attack, its second attack in less than six months.
Attack of the Wallets
In an ideal situation, crypto wallets would be virtually impenetrable and free from threats.
However, as previous incidents have shown, this is not the case. For example, Ledger revealed some vulnerabilities they discovered in the Trezor wallet, even as their own Nano S wallet received security certification from the French government.
A recent incident occurred when Electrum, a Bitcoin wallet service, announced that it had suffered a Denial-of-Service (DoS) attack that led to the loss of millions of dollars in customer funds. The company itself confirmed the attack via Twitter on April 7, 2019.
“Electrum servers are currently under a DoS attack. We are working on a more robust version of the electrum server. In the meantime, affected users should disable auto-connect, and select their server manually,” the tweet said.
The attack was carried out using a malicious botnet of over 140,000 machines. The botnet was designed to refer Electrum users to a fake version of the software, through which they would be tricked into giving up their user details so that their wallets could be emptied.
According to an article by The Next Web, the botnet was deployed about a week ago but has since reached new levels.
To achieve this, the hackers launched private Electrum servers that hosted compromised Electrum software. When an unsuspecting user synced their wallet with such a server, they were directed to make an update with the false server, and from there the funds were stolen from their wallet.
Besides acknowledging the issue on Twitter, Thomas Voegtlin, lead Electrum developer, stated that the firm is working to correct the situation shortly. One group that is particularly vulnerable, he says, is users who downloaded Electrum long ago and have not updated since then.
Electrum has also advised users to disable their auto-connect option and to connect to servers manually instead. This is not the first attack that Electrum has faced: it was targeted in December 2018 in a similar fake wallet scheme that saw $937,000 worth of BTC stolen.