Bitcoin Forum

I'm just wondering if someone downloaded the fake version and tried to use it with his hardware wallet.
Is someone here who did it accidentally (or on purpose) to tell us if his hardware wallet protected (or not) his coins?

The hardware wallet will indeed protect your coins.

All the fake version of Electrum does is attempt to generate, sign, and broadcast a transaction which sends the entire contents of your wallet to the attacker's address. If you are using Electrum as an interface for a hardware wallet, then that transaction cannot be signed with you manually approving it on the hardware wallet. Provided you don't just blindly accept everything the hardware device displays and actually pay attention to what it is doing, then you can reject the transaction which will prevent it from being signed and broadcast.

I agree with this bold part because if you do not check it carefully it will end up sending to an unknown address.

So always make sure to check the transaction and the hardware wallet carefully before you sign the transaction and I suggest you if you have the fake Electrum wallet installed much better uninstall and clean the PC/Laptop and install the original Electrum to keep your wallet safe.

I tend to agree with this, and this was explained on the blog of the Trezor wallet. " Fight Phishing with Trezor (https://blog.trezor.io/fight-phishing-with-trezor-452d1c081abe) "

But usually, as I have heard, the clone wallet or phishing wallet like installing a fake version of the electrum didn't have any malware infection in your device, but the problem is the revise the code. When you make a transaction it will automatically send to their Bitcoin address and the reason for losing your fund.

In this case, to avoid that matter. Study of how to verify the authenticity every time you have to download and install any version of the wallet. Learn the PGP stuff.

If the fake Electrum clients indeed only generate one large transaction, then uninstalling the fake client should be enough. I haven't seen any reports of the fake clients changing OS settings or running trojans, trying to install other malware or similar behavior. If those things were done then it would certainly require an operating system reinstall, and you'd skip the uninstall because in that case it's not guaranteed the uninstaller will be honest and clean up itself. It could leave a backdoor behind.

let's just say that it is a lot harder to steal your coins if you were using a hardware wallet but it is in no way impossible. one way is what was mentioned (blindly accept everything) but there are sometimes exploits in these hardware wallets that the attacker could take advantage of and steal your coins. for instance recently there was a bug that involved the way they sign SegWit transactions and compute fees which could end up spending your entire balance by sending it to an arbitrary address.

Hardware wallets works by only protecting your private keys. It doesn't protect against phishing attacks by misleading you to send to a different address. It's possible for a malware to be included with the fake Electrum software to change the Bitcoin addresses that you see on webpages and key in.

If the fake Electrum software only changes the addresses that your transaction is being sent to, the hardware wallet displays the transaction details and you should be able to see for yourself and decide if it's correct. If you don't sign the wrong transaction, you won't lose the funds.

the change address is not verified by some hardware wallets so you could still lose money. ledger doesn't verify it for example.

Maybe I'm wrong since I cannot check now, but why doesn't Electrum "report" then the change address like another output in pay to many?
Electrum knows the user has Ledger and can easily handle that.

I am almost certain that this was the case before, the user had to confirm both addresses before confirming the transaction. But Ledger has completely removed this feature in Ledger Live (it is not possible to see the change address at all) most likely because of those (including me) who played with those addresses in the Chrome Bitcoin App - and those addresses used to be far below the gap limit and Ledger didn't detect them at all (meaning not even the coins that were on them).

Only way to check change address in Electrum as UI for Ledger would be to click on Preview button where change address is displayed - and then go to console/type

Call me old fashioned but I like to keep it simple if I can.  One suggestion for the many of us that ONLY use BTC; make sure to use bitcoin-only firmware if your hardware wallet offers it.  Almost all of the time software crap happens because firmware coders are attempting to use every coin out there, when many users only have BTC.  Any Trezor I have that contains only BTC is loaded with bitcoin-only firmware, which was verifed using trezorctl and signatures.

yeah but the thread is about malware versions of electrum. you can't trust what they report.

The hackers are probably not interested in attaching easy to detect malware with their fake Electrum wallets. The majority of users have some sort of anti-virus software installed. As the time passes, the fake wallets would be recognized as malware and that is not something they want. They want a similar code to the original Electrum, with one difference: Your coins get sent to an address controlled by them.   

If someone could point me in the direction of the fake version I will try it with a coldcard and a laptop I have to wipe over the coming week.
It's an older gen1 coldcard so it will not be an ideal test since that hardware is no longer current / supported but still something to try.

-Dave

Just wonder how the attacker connects into the server of the Electrum and increases the chances that the possible a victim will connect to the attacker and the attacker can able to manipulate the wallet and send it to their own wallet. And they called it a Sybil attack, how genius the attackers these days because they had the ability to hack like this even how many times they had an update.

Just like what happened to this recent victim, the attacker stole 1400 Bitcoin from Electrum installing old version of the wallet (https://www.coindesk.com/loses-16m-bitcoin-crypto-install-malicious-electrum-wallet).

Why not install an old version of Electrum below Electrum 3.3 and connect it to any infected server. It will ask to update the Electrum to Electrum 4.0.

Click the link and it will lead you to fake Electrum 4.0 but I think most of the link right now are all dead. So I don't think you can find the Electrum 4.0 right away just keep changing the server until you find the alive one.

You only receive the "update" message when you attempt to send a transaction... So, it could get quite expensive and you could end up wasting a bit of BTC in transaction fees trying to find a infected "bad" server (they're not "infected", they're just "bad") :P

And that explains why I have opened and closed Electrum about 20 times, rebooted, and still never got the update message.
Guess I'll have to hunt it down another way.
Geez, how tough is it to get robbed around here :-)

-Dave

Some google search results for "Electrum download" look suspiciously the malware version,
especially those from random sources like 'softonic' and 'softpedia'. (if not, they come with a virus)

There was another unfortunate user who recently posted in another thread (https://bitcointalk.org/index.php?topic=5129118.msg55119186#msg55119186) who handily noted down the malware URL in a screenshot: https://imgur.com/a/mvSIn9T

You could see if it is still live...

I just received the fake error message in Electrum 3.3.4. Here is the malicious website: https://www.electrumdigital.website

Does it make sense to give this to the ElectrumX team, so they can blacklist this address?

No. Electrum doesn't control your web browser so they can't restrict you from viewing the website. There is also no filtering on the things that you can display in that dialog box.

The best you can do is report the address to the domain name provider. Whois data says that that address is registered by namesilo. You can fill in an abuse report here: https://www.namesilo.com/report_abuse.php

You can also report it as a phishing link at the following places, which may aid in getting it taken down:
https://safebrowsing.google.com/safebrowsing/report_general/
https://us-cert.cisa.gov/report-phishing

Having said that, it's unlikely to make much difference. These scammers are used to their sites getting frequently taken down and are registering a new domain to continue their scam from on a weekly basis. Every report of someone falling for this scam is using a different URL.

You should update to 4.0.2 via electrum.org.

however 3.3.4 should not be vulnerable to these phishing messages according to the release notes:

https://github.com/spesmilo/electrum/blob/master/RELEASE-NOTES#L184

may be you are using an even older version?

Looks like someone reported the site to the domain registrar... and they promptly removed the DNS entries, as the URL doesn't return an IP address anymore:
https://talkimg.com/images/2023/11/15/zfEgj.png

Sorry, it was 3.3.2.

Thanks. I have several questions:

How does the upgraded ElectrumX server mitigate this issue? Does it keep a blacklist of fraudulent servers and exclude them from the network?

Does the upgraded Electrum client simply block all messages from blacklisted servers? or what is the mechanism for preventing connections to fraudulent servers?

Once I get a message from a fraudulent server, will it get stored in local storage and be likely to be connected to again?

If I ignore the message, do I simply try to send again, and hopefully connect to a legitimate server?

Sorry for the multiple questions!

It doesn't... and it can't...

The "bad" servers are running a custom version of the Electrum Server software designed to send the "update required" message and link to malware when they receive a "send transaction" request from a client.


There is no "blacklist"... the mechanism is that the Electrum client no longer just displays the verbatim text that is received back from a server... instead, there is a set list of predefined error messages that it will accept and display... if something "unexpected" is received, the client will display "Unknown Error" and advise you to try again or use a different server etc.


No, the message is received, processed and discarded... There is no action taken to blacklist the server and ignore it.


Yes.

You could potentially implement your own blacklist and prevent outgoing connections to the IP in your own firewall.

Most of them will perform a DOS attack to the connected old vulnerable client to keep it offline without error messages hoping for the user to upgrade to the latest version.
Reference: https://github.com/spesmilo/electrum/issues/5195#issuecomment-473157912 (https://github.com/spesmilo/electrum/issues/5195#issuecomment-473157912)
But since there's still a good chance that Electrum will connect to a "bad server" if server selection is set to automatic, these phishing incidents will still arise.

In the other hand, any "good servers" or clients can't blacklist "bad servers",
you can manually connect to good server that gets your client online though.

That message alone is harmless if you ignore it.
But you must upgrade before trying to send again since it will hard to find a good server that lets you connect.
It's not always recommended to use outdated software; whether it's Electrum or not.

it may not be such a bad idea to add a new option on client side to exclude (or blacklist) certain servers from their list, or alternatively the current server selection list could add a multi-select option where user could choose multiple servers to connect to automatically and randomly instead of using the entire list.
this could be beneficial for both privacy and security.

So I finally got a copy of one of the bad versions on a machine I was going to DBAN anyway to check, and it would not even recognize my old ColdCard at all.
Plugged it into a legit machine and it was there so I know it was not the hardware wallet. So whoever is writing the malware either broke the HW wallet compatibility or just did not bother putting it in.

-Dave

That's interesting. Do you have any other hardware wallets on hand you could try it with? Presumably the attacker figured it wasn't worth their time to keep up to date with support for hardware wallets, since the majority of hardware wallet users would reject a transaction they didn't generate trying to sweep all their coins to an unknown address (at least, you would hope so).

Thanks for these answers, and also to HCP. Very helpful! That is interesting about the DOS attack. One further question: how do I find a list of good servers and then manually connect to one (is there a setting for this)?

AFAIK, there isn't really a list of "trusted" servers...

I would guess that all you can do is let Electrum find any server, try your transaction and if it goes through OK without giving you the "unknown" error, then you can add that particular server to your own personal list of "trusted" servers that you want to connect to... and then manually connect to one from your list.

have you tried your ColdCard on an old (real) Electrum version such as <3.2.3 because i believe that the malicious version was forked from one of those earlier versions and may not have been updated. and there were some bugs in some of those earlier versions that are fixed in new ones. for instance Coldcard from Coinkite was not even supported in Electrum.

The machine in question has already been wiped. It was actually wiped before I even posted here.
I did not check a version prior to 3.2.3 I have just been using whatever is / was current. Did not know that the malware version was based on code that was 2 years old.

I have an old trezor that I can check against it. Should have another machine or 2 that will need to be wiped in a few days or early next week at the latest.

-Dave

Thanks again. I figured out I can open Network under Tools, and there is a list of 10 servers I am connected to. Beneath that there is a list of other known servers. I'm going to assume the ones with domains that start with electrumx are more recent. Of the servers I am connected to, there are two that start with electrumx: electrumx.erbium.eu:50002 and electrumx.[Suspicious link removed]:50002

If I right-click one of those, I get the "use as server" option. Would you know if either or both of the servers above are safe?

Does the list of 10 servers I am connected to change randomly with every transaction, as long as I check "Select server automatically"?

You said your last Electrum version "was" 3.3.2, so have you upgraded to the latest version?
If yes, don't sweat the server selection, bad servers can only block your transaction broadcast at worst, the message will be a generic error msg.
If you want, you can use electrum.blockstream.info:50002 as server, that is 100% surely isn't a phishing server but I can't vouch for the privacy part.

That is an incorrect assumption to make... they can literally be called almost anything, it is simply a choice made by the admin of the server what name is used... "electrumx" is simply the default name for ElectrumX based servers. Additionally, I would suspect that the "bad servers" were actually running a modified version of ElectrumX...

As nc50lc has pointed out... the "bad servers" can't actually steal your coins. All they can do is show a fake error message... and even that problem is mitigated by using newer versions of Electrum. To actually lose coins, you would need to download and install a fake version of Electrum that immediately sends your balance when you start it up... and that issue can be mitigated by only downloading from electrum.org and always verifying the digital signature of the download before running/installing Electrum.

Thanks again. Yes, I verified the 4.0.2 build and installed it. I am just paranoid because I previously made a connection to a bad server, and there is a lot of btc in this wallet. Just need to be extra sure. I haven't used Electrum a lot and now I understand a lot better how it works.

This is a great community and a great product. It's too bad this phishing exploit caused some bad press and paranoia. Anyway, I will do my best to promote the product!

If you want extra peace of mind, then the thing to do is to set up an airgapped Electrum wallet.

Essentially, you take an old computer or laptop and ensure that it will never connect to the internet again - remove the WiFi card, the ethernet adapter, and so on. Create an Electrum wallet on it and back your seed phrase in the usual way. Then export the master public key (xpub) from that airgapped wallet, transfer it on a flash drive or scan it as a QR code to your main internet-connected computer, and use it to set up what is called a "watch only" wallet in Electrum.

This watch only wallet on your main computer will only be able to view your addresses and coins, but will not be able to spend anything, even if you download malware, a fake wallet, or your computer is physically accessed. To make a transaction, you use the watch only wallet to generate the transaction, move it via flash drive or QR code to your airgapped computer to be signed, and then move it back again to your main computer to be broadcast.

Connecting to a bad server doesn't harm you. Installing malware without verify the signature does.

If you have a lot of BTC, you actually should either get a hardware wallet, or use a cold storage setup (as described by o_e_l_e_o).
I'd not recommend to use a desktop wallet to store an amount of BTC you definitely do not want to lose.

If you are transacting very often, get a hardware wallet (~70$). If not, a cold storage setup would be even better.

Or, you can also setup multisig.

https://en.bitcoin.it/wiki/Multisignature

This way even if you download malware you would have to do it in more then 1 location.
If you are even more paranoid you can use 3 different types of devices. PC, iPhone, Android phone and then setup 3 of 3 required to sign.

You would have to download 3 pieces of malware to actually loose your BTC.

-Dave

usually people who are so reckless about their security (that is ignoring the most important step of all, verifying the signature of the wallet installer they download) they are reckless overall. using a multisig won't help them much either because they may as well update those clients recklessly too or even ignore looking at the transaction they are signing and still send the coins to the scammer!

True.

Anyway back to the thread I installed the malware on a another laptop that I am wiping now and it did not see an old trzeor.
The authentic 3.1.1 did, so unless they went even older then that when creating the malware, they either cut the hardware wallet support out or just broke it by accident.

This is just with the 1 version of the bad software that I had, I do not know if there are more versions out there that are different.

-Dave

My guess would be that they simply took that part out of the code.
The malicious version creates and broadcasts a transaction as soon as possible. It wouldn't work with a hardware wallet, so i guess they simply ignored that and removed that part.

Just a guess tho.

Agreed, it was just more of a test / answer to the OPs question.
Also, as I noted mine was a sample size of one. No idea if there are more versions of the malware out there and what other capabilities they have.

And there is also the thread that witcher_sense started here: https://bitcointalk.org/index.php?topic=5273132

Stay safe.

-Dave

Thanks for this guidance. Quick question: how do I move the transaction via flash drive or QR code to the airgapped computer? Just not so obvious in the product. If there is a tutorial somewhere, happy to look at that.

You need to export/save the transaction instead of broadcasting it.
Then simply move that transaction (saved to file) via USB or scan it with a camera (QR).
On the other device, load the transaction via electrum, then sign/broadcast it.

On the watch only wallet, you input your destination address and amount normally, and hit the "pay" button. Then choose your fee and hit "send" (or "finalize" if you are using advanced preview). Once you've done that, on the new window which opens down the bottom left you will see the option to "Export" the transaction you have created. From that drop down menu, you can choose to either export it to a file to put on a USB stick and transfer to your cold wallet, or to display it as a QR code.

On the cold wallet, go to Tools -> Load transaction, and choose either from file (which will open a file explorer) or from QR code (which will activate any attached camera). You can then sign that transaction, and then reverse the steps to move the signed transaction back to your watch only wallet. Once you've loaded the signed transaction on your watch only wallet, you will be able to hit the "Broadcast" button to send it.

There's a tutorial for this on the Electrum documentation, but the screenshots are quite out of date: https://electrum.readthedocs.io/en/latest/coldstorage.html

Thanks Bob123 and oeleo. Really helpful, and totally makes sense. All the cool features in Electrum are starting to become clear.

Hate to backtrack a bit, but I did a small transfer, not using the airgapped wallet technique, and it seems the transfer is "pending" and has stayed that way for nearly 12 hours. It definitely did not make it to the blockchain. I used the known safe server recommended earlier, which worked previously with a different wallet. Just wondering if there are some known reasons for the pending state, and possible workarounds?

Is this showing up as "Pending" in the "History" tab on Electrum? If so, most likely it is just that the fee is too low.

If you go to the transaction, right click on it, and click on "View Transaction". Copy the "Transaction ID" from the top box and paste it in to this website: https://blockchair.com/

Does the transaction show up? If it does, what is the fee per vbyte?

You haven't successfully created a transaction.
The "pending" in the send tab means that you've just clicked "save" or cancelled the window that pop-up after you click "pay".
That invoice is incomplete/outdated, I'd suggest you to delete it (right-click->delete).

For now pay no attention to the "send" tab's invoices, those aren't related to the blockchain, those are client-based entries.
Refer to the "history" tab instead and check if there're other entries that might be another (un)successful attempt, if there none, send it again.