From malware attacks to cryptojacking exploits and other attack vectors, malicious entities continue to devise ways to steal cryptocurrency. Constant vigilance and regular appraisal of security measures remain the best forms of defense against these cybercriminals.
Stealing Bitcoin via Fake Electrum Wallet Updates
Electrum wallet users are still vulnerable to an attack vector that has seen about $22 million in BTC stolen from victims. According to the tech news platform ZDNet, a technique discovered back in 2018 is still being used by rogue actors.
This particular exploit affects users with older versions of Electrum. The hackers reportedly use fake Electrum servers to push malicious updates to owners of older wallet versions.
If the intended victim installs the update, a popup appears asking for a one-time password (OTP). Entering this OTP in the malicious wallet update gives the attacker the approval needed to drain the user's funds.
Despite being a known attack vector, cybercriminals are still seeing success with this particular exploit. Back in August, BeInCrypto reported a case where a victim lost $16 million in Bitcoin to this same malware.
In May 2019, $4.6 million was also stolen from Electrum users, with over 150,000 hosts infected. This attack vector is possible because Electrum’s open architecture allows anyone to create an Electrum server. On most wallets, the host application itself controls and manages the servers.
The Electrum dev team has, for its part, tried to mitigate the problem by blacklisting servers associated with these malware attacks. They’ve also issued updates that prevent server administrators from sending HTML pop-ups to wallet owners.
However, cybercriminals can create new servers, and the users of old Electrum wallets remain vulnerable to this attack. As always, wallet owners should remain vigilant when running updates to their apps and only interact with official project websites.