Electrum Wallet Hacked $1M In Hours
In the latest cryptocurreny news, another hacking incident has reportedly taken place. This time around it involves the Electrum Bitcoin Wallet. Official reports suggest that the hackers setup various malicious services, all of which helped in obtaining nearly $1 million.
An ‘Official Looking’ Message
Basically, when users logged into their wallet and processed BTC to be sent to a specific address, they received an “official looking” message. The latter is said to inform the need to update to the latest version of their Electrum Wallet. From there, it followed a Github link.
One of the first users who reported the hack said that the link was quite strange for 2 apparent reasons. Frist, it was not really an official link coming from the Electrum website. Second, it did not necessarily allow them to click it, which is something a standard link would do so. It would instead enable users to copy and paste the link directly to their browsers.
The user proceeded to copy paste the link and download the application. After downloading the app, the user logged back in again, and the system asked them for their 2-factor authentication It is worth noting that Electrum normally only asks if and only if a user is attempting to send funds to a recipient.
The user made multiple attempts to send Bitcoin, and each time would get an error message saying, “max fee exceeded no more than 50 sat/B.” It was only when the user decided to restore the wallet on a different desktop that he realized his entire balance had been transferred to a strange address.
Almost $1 Billion Already
Hacking incidents like this have already been widespread in the crypto world. In fact, they have managed to contribute to nearly $1 billion in digital currencies – and this figure is just in this year alone.
Apparently, the biggest problem is not the security of the blockchain itself. It is instead the lack of sophistication of users, particularly those who tend to interact with crypto wallets. Many are new to the space and, thus, do not understand how to identify the various traps that smart hackers setup to steal their funds and information.
Links that people have to copy and paste, or seemingly random requests to update their wallet are clear signs that something may be off. Hence, as much as possible, people should avoid proceeding further until they can verify who is making the request.