According to a new report by Malwarebytes Labs, a DDoS botnet targeting Electrum Bitcoin wallet users has infected 152,000 hosts. The attack began as a fraudulent update but has now progressed into a Distributed Denial of Service (DDoS) attack as Electrum developers work to protect users.
In total, around $4.6M has been stolen so far, and the botnet that infected the Electrum infrastructure is quickly expanding. For example, on April 24th, the number of infected hosts stood at around 10,000. However, by April 25th, this number jumped to 152,000. It has since plateaued at around 100,000 but the attack is ongoing and the number of infected hosts could still grow.
According to the report, the botnet responsible for this attack is distributing malware by the name of ElectrumDoSMiner. Malwarebytes Labs has also identified a loader called Trojan.BeamWinHttp which automatically downloads the malware.
The bots currently carrying out the DDoS attack are largely concentrated in the Asia Pacific region, but others have also been identified in Brazil and Peru.
Currently, Malwarebytes is detecting and removing ElectrumDoSMiner infections at a rate of 2,000 per day. Although these DDoS attacks have received little attention in the cryptocurrency space, they have nonetheless caused millions of dollars' worth of losses in just a few months.
Malwarebytes even says that there are likely many more infection vectors beyond the ones they have uncovered so far. Although Electrum has been quick to respond to these attacks, there is little they can do against a complex DDoS attack like this one.
The lesson to be learned from a situation such as this is to always be extra cautious when updating your cryptocurrency wallets. Malware embedded within them can easily be used to steal your funds. Extreme vigilance should always be exercised when it comes to your digital funds.