Electrum and Electron Cash Wallets ‘Hacked’ — 200 BTC Stolen So Far

Share Article

Popular Bitcoin wallet Electrum and Bitcoin Cash wallet Electron Cash are subject to an ongoing phishing attack. Beware of any strange behavior and non-official URLs!



Just days before Christmas, Electrum Bitcoin Wallet announced its latest update. Codenamed Hodler’s Edition, this was supposed to be the last update before the Proof of Keys celebration. On Jan 3, 2019 — 10 years after the official launch of the Bitcoin network — users who truly believe in Satoshi Nakamoto’s vision are encouraged to withdraw their bitcoins to wallets they control. This way, they show the world they have real control over their wealth.

Indeed, a reason to celebrate for most of us, yet, at the same time, it is also the kind of event that attracts unwanted attention from malicious actors.



Pay Particular Attention To Any ‘Update Required’ Message

These malicious actors are already on the job and are currently targeting Electrum Bitcoin Wallet.

Fortunately, it’s not a hack, per se. According to the developers on GitHub, there is an ongoing phishing attack. The users are encouraged to update their current wallet version by actually downloading a malware version.

Essentially, the hackers spammed the Electrum network with their own version of servers/nodes. If a wallet user connects to any malicious server (if the user tries to send some bitcoins, for example, and broadcasts the transaction), a ‘Security update required’ message appears. The message box has a URL that is not the official GitHub page. Furthermore, if the user clicks on the link, it won’t open. The user has to manually copy and paste to access the link and download the compromised version. Once downloaded and installed, the malware steals any BTC funds the user may have in the Electrum wallet.

Since Electron Cash is a ‘fork’ of Electrum, only destined for Bitcoin Cash (the source code between the two is very similar), the same attack is happening on the BCH network, according to some users.

Electrum Wallet Releases Small Update (But Not A True Fix)

Electrum developers moved quickly and released a small update in their attempt to make the phishing attack more obvious for the non-technical user.

The update changes the way the error appears. In other words, instead of a rich-text-based organized message, the user receives a non-formatted error that looks more like unreadable code.

The update is not a fix!

The developers admitted they didn’t publicly ‘disclose’ the problem until now because the attack was short and stopped when the latest 3.3.2 version was released. However, the attack resumed. Now, the users should see the message is actually an error and not a real security update warning.

200 BTC Stolen So Far — And Counting?!

AccordinReddit reddit user, the attacker’s Bitcoin address is this:

Thus far, the phisher has stolen over 200 BTC, worth around $760,000 at the time of the attack. Data revolving the BCH stolen hasn’t been revealed yet.

The attack is still ongoing, even though the phisher will now have a harder time in convincing an Electrum user the message is actually legitimate.

To avoid losing your BTC or BCH, always compare the URLs from any Electrum/Electron Cash message box to the ones found on the wallets’ official sites. Also, be sure to access the wallets’ official sites and check for updates there, before taking any update message seriously.

What do you think of this latest phishing attack? Let us know your thoughts in the comments below!


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Share Article

Related topics

I started out in print journalism in 2008 and switched to freelancing two years later. Afterward, I covered the poker and gambling scene for several years before getting into sports and motivational stories. Crypto-wise, I first learned about Bitcoin just months after the Mt. Gox event. I’ve been riding the bulls and the bears ever since.

Follow Author

AKTIO Coin Launchpad Pre-Sales with 12.5% Bonus


Limited offer! Learn to mine and trade crypto today for free