Another major hacking incident has just occurred, this time involving the Electrum Bitcoin wallet. According to the details, the hackers set up multiple malicious servers. When a user logged into their wallet and tried to send BTC to an address, they would receive an ‘official looking’ message claiming that they had to update to the latest version of their Electrum wallet, followed by a GitHub link.
The first user that reported the hack noticed that the link was strange for 2 reasons:
- It was not the official link from the Electrum site
- It didn’t allow them to click it as standard links would. It instead made them copy/paste the link into their browser window
The user proceeded to copy and paste the link and download the application. After downloading the app, the user logged back in again, and the system asked them for their 2-factor authentication (Electrum normally only asks for this when a user is attempting to send funds to a recipient).
The user made multiple attempts to send their BTC, and each time would get an error message saying, “max fee exceeded no more than 50 sat/B”.
It was only when they decided to restore their wallet on a different PC that they realized their entire balance had been transferred to a strange address.
The user also reported that they could not download Electrum from the official website, which means Electrum may have experienced a DDoS attack.
The latest reports show that the hacker has stolen funds from many other victims like this user, and so far has stolen up to $1 million, which has now been consolidated in this address:
Almost One Billion USD Stolen Only in 2018
Hacking incidents like this are widespread in the crypto space and have contributed to almost $1 billion in cryptocurrencies being stolen in 2018 alone. The biggest problem is not the security of the blockchain itself, but the lack of sophistication of users who interact with crypto wallets. Many are new to the space and often don’t understand how to identify the various traps that smart hackers set up to steal their funds and information. Links that you have to copy and paste, or seemingly random requests to update your wallet, are clear signs that something may be off and that you should avoid proceeding further until you can verify who is making the request.
We’ve previously written about why it is crucial to solve the security-complexity relationship in order to fast-track cryptocurrency adoption. This recent hack is a perfect example of the points discussed.
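The update prompt in this incident carried a GitHub link that was not the official one, so a check on the host name alone would have passed it. The Python sketch below is an added example, not Electrum's code: it treats server-supplied text as untrusted and checks each link's host and, for GitHub, the account. The official hosts and the `spesmilo` account are assumptions to confirm independently, and the sample messages are constructed.

```python
import re
from urllib.parse import urlsplit

# Assumption: the project's official download locations. Confirm them out of band.
OFFICIAL_HOSTS = {"electrum.org", "download.electrum.org"}
OFFICIAL_GITHUB_OWNER = "spesmilo"

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def classify_link(url):
    """Return 'official' or a reason string explaining why the link is untrusted."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "https":
        return "not https"
    if parts.username or parts.password:
        # e.g. https://electrum.org@other-host/ : the real host is after the '@'
        return "credentials embedded in URL"
    host = (parts.hostname or "").lower().rstrip(".")
    if host in OFFICIAL_HOSTS:
        return "official"
    if host == "github.com":
        # Anyone can create a GitHub account, so the owner segment must match too.
        segments = [s for s in parts.path.split("/") if s]
        owner = segments[0].lower() if segments else ""
        if owner == OFFICIAL_GITHUB_OWNER:
            return "official"
        return "github.com but wrong account: %r" % owner
    return "unrecognised host: %r" % host


def review_server_message(text):
    """Extract every URL from server-supplied text and classify each one."""
    findings = []
    for match in URL_RE.finditer(text):
        url = match.group(0).rstrip(".,;:)")
        findings.append((url, classify_link(url)))
    return findings


# Constructed sample messages, not captured from the incident.
SAMPLES = [
    "Please update to the latest version: https://github.com/example-account/electrum/releases",
    "Release notes: https://github.com/spesmilo/electrum/releases",
    "Download: https://electrum.org.example.net/download",
    "Mirror: https://electrum.org@example.net/electrum.exe",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        for url, verdict in review_server_message(msg):
            print(verdict.ljust(45), url)
```

A link that passes this check still only tells you where a file is hosted; the downloaded installer should additionally be verified against the signatures published by the project.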
If you ever notice a similar sequence of events when trying to access your wallet, simply screenshot the page and send it to the support team at the official website to verify that it is their developers who are asking you to make an update or download an application, and not some hacker trying to steal your funds.