Two users of the Electrum software wallet recently reported losing large amounts of Bitcoin (BTC). One victim described the disappearance of 1,400 BTC, valued at $14,595,000 at the time of publication, while another claimed that 36.5 BTC, valued at $380,512, was stolen. The incidents appear to be related to a long-standing scam that has affected Electrum users since 2018.

“Users need to be careful when handling private keys, especially when storing wallet keys with many cryptocurrencies, because this makes them attractive to hackers,” Jason Lau, COO at OKCoin, told Cointelegraph in response to the 1,400 BTC hack, adding:

“In this incident, it appears that the phishing attack resulted in a user installing an update that gave the hacker access to private keys and means. Phishing attacks are very common for all types of financial applications, and their level of sophistication continues to evolve.”

Seeking the past
The Electrum wallet phishing scam first made headlines on December 27, 2018, when almost $1 million was stolen. “Hackers created a whole bunch of malicious servers,” a Reddit user said as he talked about the hack.

In essence, the hacker used these servers to direct users to a malicious website and get them to enter personal information, which in turn handed control of their assets to the malicious party behind the scheme. The scam also included a fake wallet update that downloaded malicious software to victims’ devices, as described in a separate Reddit post.

When Cointelegraph reported on the scam in December 2018, the fake wallet address contained 243 BTC. The address now shows that 637.44 BTC has passed through the wallet, which is currently empty.

Months after the phishing campaign against Electrum became public, problems with the wallet continued, including a separate denial-of-service attack that closely resembled the 2018 phishing scam and also misled victims with fake software updates. …

Deciphering the $14.6 million Bitcoin theft
In recent weeks, two users of the Electrum wallet have reported that their Bitcoin was stolen. One of them reportedly lost 1,400 BTC. “I had 1400 Bitcoins in my wallet, which I have not had access to since 2017,” the victim said in a post on GitHub on August 30, 2020, adding:

“I foolishly installed an old version of an e-wallet. My coins came out. I tried to transfer about 1 BTC, but failed. A popup appeared saying I had to update my security before I could transfer the money. I installed an update, which immediately resulted in a transfer of my balance right to the address of the scammers.”

Blockchain tracking by Cointelegraph staff revealed a potential link between the 1,400 BTC thief or thieves and a Binance exchange account, according to a specific transaction ID. However, more than 75 different wallet addresses were included in the transaction ID, a Binance spokesman told Cointelegraph.

The spokesman also highlighted the difficulties and gray areas involved in tracking transactions and linking them to foul play, given the nature of cryptocurrency and the diversity of parties trading daily. The spokesman added: “It should not be assumed that the flows of the malicious mass come from a person/group associated with the campaign, especially if it is a group used to receive money directly from the victims.”

Referring to Cointelegraph’s first report on the theft of 1,400 Bitcoins, the spokesperson said: “The account that is the focus of this article has been confirmed and no suspicious indicators have been found.” Cointelegraph’s previous reporting also traced some of the stolen BTC to Russia, although the potential use of a VPN ruled out any final conclusion.

“The title of Binance is a scam, maybe just another victim,” Electrum tweeted on September 1 in response to a Cointelegraph post. The tweet also indicated that the attack was linked to the 2018 phishing scam, adding: “It is not necessary to involve Russian hackers.”

“Electrum’s peer-to-peer detection system is a design option to keep the system decentralized, but in this case it played a role in letting the hacker broadcast a fake ‘software update’ message,” Lau said of the 1,400 BTC hack, adding: “Users should always check carefully for the originality of any wallet client software and exercise extra vigilance when verifying the source of all updates.”

Source: CoinTelegraph