Electrum User Loses $16 Million to Phishing Scam 

Malware and other security threats continue to dominate the crypto news cycle once more, as a Bitcoin investor recently lost millions due to a bug-ridden app. Yesterday, a GitHub user published a post on the platform describing how he had lost 1,400 BTC, worth about $16 million, to a malware-infested wallet app.

An Unfortunate Security Update

The user, who goes by the name “1400BitcoinStolen, explained that he had downloaded the Electrum crypto wallet and got a pop-up message to update the app. The security update was a requirement before making any fund transfers, so he installed it and tried sending all the funds in his account. 

Sadly, the funds were maliciously diverted and are now in the possession of a hacker. The user added that he had contacted Confirm, the blockchain analytics company, to help track the funds but hasn’t gotten a response yet. Electrum is a top crypto wallet application that has been in operation since 2011. Since then, it has dealt with several security issues that have put users’ funds at risk.

Last February, several posts on Twitter and Reddit confirmed that the wallet, as well as fellow top wallet application MyEtherWallet, had suffered phishing attacks. Like this one, the phishing attack on Electrum at the time also posed as a security update.

The wallet subsequently published a warning on its website, informing users that versions of its wallet older than 3.3.3 were vulnerable to phishing attacks. The company also warned users not to download versions of its wallet that came from unknown sources. Two months later, The Next Web reported that the exchange was now facing a Distributed Denial of service (DDoS) attack. Per the report, the attack was launched by a malicious botnet of over 140,000 machines with the sole purpose of stealing crypto from users by directing them to fake versions of the wallet’s software.

No Correlation to Past Events Yet

The attackers also reportedly implemented their custom Electrum servers that hosted malware-infested versions of the wallet. After users sync their wallets with the malicious server, they are directed to update their wallets with the fake version, and hackers gain access to their funds. 

Unlike the first time, Electrum pointed out that users would need to update their apps. Thomas Voegtlin, the lead Electrum developer, told The Next Web that the most vulnerable users were those who hadn’t updated their apps in a long time.

Anti-malware company Malwarebytes reported eventually that up to 152,000 wallets had been infected with the DDoS attack, with up to $4.6 million in funds stolen.

It’s still unclear what caused the recent attack, but it appears to have been related to any of these. For now, it’s also too early to call whether phishing attacks on wallets are making a comeback. However, given how malware and cybercrime have bene popular ibn the crypt space, it wouldn’t be impossible to imagine. The world is currently dealing with a wave of cyberattacks. Whether it’s from North Korea or some organization looking to make a buck off companies’ dependence on the internet, everyone is on high alert.