According to business technology news outlet ZDNet, yet another attack has hit the cryptospace – this time, the target was the Electrum Bitcoin Wallet. The hacker, got away with over 200 Bitcoin (around $718,000) by asking the wallet users to download and install a malicious software update. The hack began on December 21, and has been temporarily halted by GitHub administrators as of today.
The attacker added several malicious servers to Electrum’s network to acquire users’ bitcoin. If an initiated bitcoin transaction reached one of these servers, it would respond with an error message prompting the user to follow a GitHub link to download an update. After download, the updated app would request a two-factor authentication code, which, if provided would allow the malicious software to transfer the user’s funds into the attacker’s Bitcoin addresses.
Some users copy-and-pasted the link given in the error message and downloaded the malicious update.
The dubious repository was eventually removed by GitHub, and this followed by the Electrum team updating the app as a response to the hack so that the fake messages would no longer appear as formatted text, which looks more legitimate than plain text. SomberNight, a developer from Electrum, said the team did not publicly disclose the attack until today because the hacker had apparently stopped.
Electrum anticipates another attack to happen using either the same method, but with a different repository of GitHub or download location. The malicious servers also remain on the Electrum network – in fact, Electrum developers have identified at least 33 of them. The team has not disclosed what it intends to do about these servers.
