
Bitcoin Electrum Wallet Attacked: Hacker Steals 200 BTC

Nearly $1M In Bitcoin (BTC) Stolen

An anonymous hacker (or consortium of hackers) has purportedly stolen nearly $1 million worth of Bitcoin (BTC), reports technology media outlet ZDNet. Per the report, the Electrum Wallet, a popular open-source project founded in mid-June 2011, was breached in a “clever attack.”

The attack, which has since been confirmed by the team behind the venture, purportedly consisted of a false message appearing on users’ official Electrum-based applications, which beckoned consumers to visit a site.

If the stipulated link was clicked, it would lead victims to a seemingly Electrum-branded GitHub repository, which contained a malicious version of Electrum that would steal consumers’ Bitcoin holdings.

This specific attack purportedly began on December 21st but was recently ended (maybe only temporarily) by GitHub admins, who purged the malicious download files. But how exactly did the attack work?

Well, as explained by ZDNet, the hacker purportedly added dozens of “malicious servers” to the Electrum network, so that when a user tries to make a transaction, the hacker-backed server replies with an error message asking the user to visit the false GitHub repository. Once downloaded, the app would ask users to input a 2FA code, which was routed to the attacker, subsequently allowing BTC to be snatched.

Electrum admins have purportedly since made the message mostly illegible, so this attack vector is likely breathing its last breaths. Yet the fact of the matter is that, in the end, the hackers netted 200+ BTC, valued at approximately $740,000 at the time of writing. Other reports indicate that the attack garnered 250+ BTC for hackers, but these numbers haven’t been confirmed.
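The attack worked because the wallet displayed server-supplied error text as if it were trusted. The sketch below is an added example, not Electrum's actual patch or code from the report: it treats such text as untrusted, strips markup and links before display, and flags messages that push a download. The function name, patterns, length limit and sample messages are all assumptions constructed for illustration.

```python
import html
import re

# Assumption: the error text is an arbitrary string sent by whichever server
# the wallet happens to be connected to. All names here are hypothetical.
MAX_LEN = 200
URL_RE = re.compile(r"(?i)https?://\S+|www\.\S+")
TAG_RE = re.compile(r"<[^>]*>")
LURE_RE = re.compile(
    r"(?i)\b(update|upgrade|download|install|new version|security fix)\b")


def sanitize_server_error(raw):
    """Return (display_text, suspicious) for an untrusted server error string."""
    raw = str(raw)
    had_url = bool(URL_RE.search(raw))      # check before markup is stripped (href="...")
    text = TAG_RE.sub("", raw)              # never render server text as rich text
    text = "".join(ch if ch.isprintable() else " " for ch in text)
    text = URL_RE.sub("[link removed]", text)
    lure = bool(LURE_RE.search(text))       # wording that urges installing software
    text = " ".join(text.split())[:MAX_LEN] # collapse whitespace, cap the length
    return html.escape(text), (had_url or lure)


# Constructed sample messages (not captured from the real incident).
PHISH_PLAIN = ("Error: please download the security update from "
               "https://example.invalid/electrum-wallet/releases before sending")
PHISH_RICH = ('<b>Upgrade required</b>: '
              '<a href="https://example.invalid/x">get the new release</a>')
BENIGN = "the transaction was rejected by network rules. (dust)"

if __name__ == "__main__":
    for sample in (PHISH_PLAIN, PHISH_RICH, BENIGN):
        shown, suspicious = sanitize_server_error(sample)
        print(("SUSPICIOUS " if suspicious else "ok         ") + shown)
```

A wallet could go further and replace any flagged message with a fixed, locally defined string, so that no server-chosen wording reaches the user at all.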

Not The First Attack On Electrum

Interestingly, this isn’t the first time that the popular wallet solution has been attacked by bad actors. Earlier this year, in early May, Bleeping Computer reported that the Electrum team had seen an unnamed individual/group create a copycat of their flagship product, naming it “Electrum Pro.”

The app, which closely resembled its bona fide counterpart, was exposed as a vector of attack that malicious individuals can exploit, stealing Bitcoin private keys in the process.

In a post-mortem of the attack (of sorts), which went on for upwards of two months, it was explained that there were a number of glaring red flags. Electrum Pro purportedly used Electrum’s brand and logo without permission, while also purchasing the rights for the Electrum.com domain, which was near-identical to the legitimate group’s .org domain name.

Following analysis, it was also revealed that in Pro’s code, specifically lines 223-248 of electrumpro_keystore.py, a system was integrated that allowed attackers to upload users’ keys for nefarious purposes. While the Electrum Pro attack has since been dismantled, the two aforementioned cases show how hackers are still poised to attack the cryptosphere, even amid a bear market.


The post Bitcoin Electrum Wallet Attacked: Hacker Steals 200 BTC appeared first on Ethereum World News.


Bitfinex Recovers from Cyber Attack to Resume Trading

The world’s fourth largest crypto exchange by trade volume, Bitfinex, suffered a cyber-attack yesterday that halted services and prevented trading temporarily.

The Hong Kong-headquartered exchange, which has handled $430 million in trade in the past 24 hours according to coinmarketcap.com, went offline for a few hours with what it determined to be unscheduled maintenance. It was subsequently revealed that the servers were the target of a distributed denial of service (DDoS) attack, which overloaded them with spurious traffic, causing the website and trading platform to shut down temporarily.

The status monitoring systems for Bitfinex reported:

“The cause of the outage has been identified. A DDoS attack was launched soon after we restarted operations. The previous outage was caused by issues with one of our infrastructure providers. While the platform was recovering, the attack caused extreme load on the servers. We are adjusting the DDoS protection measures to fend off the attack and be able to relaunch.”

These types of attack are not designed to steal currency but to disrupt services. Bitfinex quickly recovered from the incursion and trading resumed within a couple of hours.

Traders and investors had every reason to be concerned, since Bitfinex lost almost 120,000 Bitcoins to hackers back in 2016. In June 2017 the exchange also reported being the victim of cyber-attacks, so it is quite familiar with them.

The ongoing saga with Tether is also a cause for concern with Bitfinex and those that use the platform. There have been fears that the company would close due to links with USDT and an ongoing investigation by the Commodity Futures Trading Commission, which subpoenaed the exchange in January. Since then the exchange has been operating as normal, even though it still holds the largest amount of Tether, which is currently responsible for over 17% of all Bitcoin volumes.

Security is a major headache for exchanges which are now the modern version of a bank, which of course can be robbed. Several have fallen victim this year with the largest hack being Coincheck at the beginning of the year.

The advice is always the same: do not hold any significant amount of crypto on exchanges, no matter how safe you think they are. Wallets and cold storage are far safer alternatives; however, even they are not completely infallible.