Another Case of Electrum Hack

Electrum is an electronic wallet for sending, receiving, and storing Bitcoin and other cryptos. Thomas Voegtlin launched it in November 2011. He declared it an open community in 2015 and invited developers to contribute to its source code. Electrum is an example of a thin wallet, so its users don’t need to download the blockchain’s entire history.

Electrum offers a number of benefits over other electronic wallets. It provides two-factor authentication and desktop and mobile applications, allows users to keep their private keys offline, and supports hardware wallets. It is free software, created for everyone, novices and professionals alike.

Even though Electrum provides some unique features, the security of some of its client versions is questionable. The developers of the e-wallet confirmed that version 3.3.3 and most of the earlier ones were vulnerable to attacks from hackers. According to a report, 70% of the entire Blockchain was controlled by hackers.

In this article, we look at some of the past phishing cases that came to light and at the most recent wallet hack. We also discuss how you can prevent such attacks and go about recovering your account.

Electrum Hack

Phishing Cases in the Past

The first case of Electrum malware and phishing surfaced in December 2018, when a user on the discussion website Reddit publicized the attack and claimed that $1 million had been stolen. The user suggested that the attackers created multiple malicious networks before hacking the wallet.

Another detailed post about the attack suggested that the hacker used these malicious servers to guide users to a link where they were prompted to enter private data. The attacker then had access to this data, which allowed them to control the users’ assets. The scheme also involved a fraudulent wallet update that installed malware on the users’ devices.

When Cointelegraph first reported the case, the account associated with the fraud held 243 BTC. Looking up the account today reveals that a total of 637.44 BTC was transacted through the wallet, which now stands empty.

Another phishing scam occurred on April 7th, 2019, when the company took to Twitter to announce that the platform was experiencing a Denial of Service attack on its network. The attack reportedly resulted in an overall loss of over $1 million.

This attack was supposedly carried out by a botnet of over 140,000 machines. It aimed to steal the Bitcoin held by users by referring them to fraudulent versions of the Electrum platform.

Since the initial Electrum scams were reported in 2018, wallet complications have continued, and several more cases of wallet hacking have been revealed, which casts doubt on the security provided by the e-wallet platform.

Latest Phishing Cases

Recently, two users of the e-wallet platform reported that a large number of Bitcoins went missing from their wallets. One victim revealed the loss of 1400 BTC, the total valuation of which presently stands at $14,595,000. Another victim reported the loss of 36.5 BTC, worth $380,512. These attacks add to the phishing problem already affecting the Electrum network.

The most surprising aspect of the attack on the victim who lost 1400 BTC is that the user had not accessed the address since 2017. In a post published on GitHub, the victim described how they installed an older version of the Electrum software and failed to transfer 1 BTC to the address. Then a pop-up appeared asking the user to update the software before making any transaction. Once the update was installed, the funds in the wallet immediately started being transferred to a hacker’s address.

Cointelegraph staff investigated the matter and found a probable connection between the 1400 BTC and a Binance exchange address. According to a Binance representative, the transaction ID, however, had links with 75 different wallets.

The representative, speaking to Cointelegraph, also listed the difficulties and ambiguities involved in tracking transactions and classifying them as foul play, given the massive volume of transactions carried out daily and the nature of crypto. The official suggested that it would be erroneous to assume that hackers are responsible for the transfer of funds, especially when the funds have been sent directly from the user’s wallet.

Shortly after the reported theft of 1400 BTC, another GitHub user claimed that they had lost 36.5 BTC through similar methods. The user, Cryptbtcaly, traced the stolen funds to five different wallet addresses. The user said that some of the stolen funds went to a Binance account and that they refused to return them, even after repeated appeals.

One of the most disputed points in the latest Electrum phishing scams is that the users were holding enormous amounts of Bitcoin in their software wallets. A manual from BitDegree, an online educational resource on blockchain, suggests that software wallets are frequently attacked by hackers and carry the risk of malware. It says that even though software wallets are convenient for day-to-day use, they are not ideal for storing large amounts of funds for prolonged periods. These types of wallets aren’t as secure as hardware wallets.

Recovery and Prevention

According to the official website of the e-wallet service platform, Electrum, its versions 3.3.3 and earlier are prone to outside malware attacks. Because hackers have been persuading users to “update” their client to a malicious version, users need to update the software regularly and only through the official link. The founder of the platform, Thomas Voegtlin, also suggested that users who have not updated the software stand the highest risk of facing such attacks.

So, for users of Electrum, it’s essential that they download the latest version of the software from electrum.org only. The platform also urges its users to choose their servers manually and disable the auto-connect option.
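The three checks above (client version, auto-connect, manually chosen server) can be run as a small audit. This is an added example, not code from Electrum or from the original article. It assumes the client settings are stored as JSON with the keys `auto_connect` and `server`, and that a missing `auto_connect` key means the option is on. The version numbers, server name and configs are constructed samples.

```python
import json
import re

# Per this article: versions 3.3.3 and earlier are exposed to the fake-update phishing.
LAST_VULNERABLE = (3, 3, 3)

def parse_version(text):
    """Turn '3.3.3', '3.2' or '4.0.9rc1' into a comparable 3-tuple of ints."""
    nums = []
    for piece in text.strip().split(".")[:3]:
        m = re.match(r"\d+", piece)
        if not m:
            break
        nums.append(int(m.group()))
    if not nums:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(nums + [0] * (3 - len(nums)))

def audit(version, config_text):
    """Return a list of findings; an empty list means all three checks pass."""
    findings = []
    if parse_version(version) <= LAST_VULNERABLE:
        findings.append(f"version: {version} is 3.3.3 or earlier; "
                        "reinstall the latest release from electrum.org")
    try:
        cfg = json.loads(config_text)
    except json.JSONDecodeError:
        cfg = None
    if not isinstance(cfg, dict):
        return findings + ["config: not a JSON object; settings not checked"]
    # Assumption: an absent key is treated as auto-connect being enabled.
    if cfg.get("auto_connect", True):
        findings.append("auto_connect: enabled; the client may pick any server")
    if not cfg.get("server"):
        findings.append("server: none chosen manually")
    return findings

# Constructed sample configs (assumed key names, placeholder server).
RISKY = '{"auto_connect": true}'
HARDENED = '{"auto_connect": false, "server": "electrum.example.org:50002:s"}'

if __name__ == "__main__":
    for label, ver, cfg in (("risky", "3.3.3", RISKY),
                            ("hardened", "4.0.9", HARDENED)):
        print(label, audit(ver, cfg) or "no findings")
```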

Electrum is a reputed e-wallet service provider that has been facing phishing scams for the last three years. A report on cybersecurity published by the World Economic Forum suggested that most data breaches are caused by poor implementation of security features and not by the increased adroitness of hackers. It’s high time that the platform improved its security measures.
