A scary scheme by hackers recently successfully lifted Bitcoin from Electrum wallet owners to the tune of approximately $750,000.
The scheme worked like this: the attackers added anywhere between 33 and 50 malicious servers to the Eletrum wallet network. When legitimate owners of Electrum Bitcoin wallets initiated a Bitcoin transaction after December 21, 2018, if the transaction was routed through a malicious server, the user received an error message urging the user to download a wallet app update coming from an unauthorized GitHub depository. Once they download the malicious update, the app asks the user for a two-factor authentication code, which is then used by the thief to steal the user’s funds and transfer the funds to the hacker’s Bitcoin address.
The attacks were reportedly successful because the server messages were delivered as rich-formatted texts, which made the popup alert look authentic and conveniently provided a link for users to click on to apply the update. Following discovery of the heist, Electrum reportedly updated the Electrum wallet app so the messages urging users to download the update no longer appear in rich HTML text. Still, one of the issues with cryptocurrency is the fact that it is not protected by the government and it is unclear what, if anything, these Electrum wallet users can do to get their stolen Bitcoin back.