On August 30, a Github user posted a post about losing 1400 bitcoin (BTC) due to a complex hack that affected his Electrum wallet. Analysis across the chain shows that hackers have an account on Binance, and that some of the transactions used to transfer stolen coins may have originated in St. Petersburg, Russia. However, it is important to note that conclusions from sequential studies are usually more likely than deterministic.

However, it is not clear how the attack was carried out because Electrum software is considered secure when properly configured. The plaintiff stated that the attack took place after he launched his wallet for the first time since 2017. He claims that after installing the software update, his entire balance was transferred to an unknown address.

Two leaps from the phishing address are withdrawals of 5 BTC from Binance, which occurred in January 2018. According to a Binance spokesman, the corresponding transaction number is associated with more than 75 different addresses and is not from a specific Binance user. Exchange CEO Changpeng Zhao tweeted yesterday that Binance has blacklisted the affected addresses:

After taking control of 1400 BTC, criminals began moving them and dividing them into smaller wallets. On several occasions, the Bitcoin node that processed these transactions was returned to St. Petersburg, Russia, although the thieves may have used a VPN to hide their true location.

Source: CoinTelegraph