Help in installing windows Electrum wallet

[bob123]

bob123 , as far I know in order to hacker can get a chance to steal coins from any Electrum before version 3.0.5 victim need to have open browser and run in a site where hacker is waiting his chance/of course victim need to have Electrum open/decrypted to make the hack successful. So in theory with no open browser older version are safe from this attack?

Well, in theory, an opened malicious browser site is one way to get a (non-encrypted) wallet compromised.
An attacker could also use a vulnerability of your OS or any service which run on your machine/network to get access to the RPC interface.

So, no. An open browser is not the only possiblity to get your funds stolen trough this vulnerability.

But, on the other hand, if your wallet is (properly) encrypted and the attacker does not have access to your password (e.g. via keylogger), your wallet should be safe.
But this also means, that the moment you want to use your wallet (decrypting it), an attacker could exploit this vulnerability to steal your private keys.

So, storing an (properly) encrypted wallet should be fine. But you shouldn't use it (send funds / sign messages) if you want to stay safe.


The best way is to always fix any issues and updating to the latest version.

[1715684668]

1715684668

[1715684668]

1715684668

[1715684668]

1715684668

[HCP]

But, on the other hand, if your wallet is (properly) encrypted and the attacker does not have access to your password (e.g. via keylogger), your wallet should be safe.
But this also means, that the moment you want to use your wallet (decrypting it), an attacker could exploit this vulnerability to steal your private keys.

So, storing an (properly) encrypted wallet should be fine. But you shouldn't use it (send funds / sign messages) if you want to stay safe.

As far as I'm aware... "using" the wallet file doesn't decrypt it on the disk. I've tested this by opening an encrypted wallet... entering the password, then opening the wallet file using a text editor while the wallet file is in use by Electrum. So if an attacker were to copy the file, regardless of if it is open or not, it will still be encrypted.

The wallet file is only decrypted into memory... something that the RPC vulnerability is not able to exploit.

So, unless the machine is compromised through some other method whereby the attacker has access to memory or keyloggers etc (in which case it doesn't matter if the user is running Electrum v3.1.3 (current latest version) or any of the vulnerable versions) then as long as the user has a "decent" password and/or encrypted the wallet file... then the RPC vulnerability isn't likely to be an issue.

[jackg]

As far as I'm aware... "using" the wallet file doesn't decrypt it on the disk. I've tested this by opening an encrypted wallet... entering the password, then opening the wallet file using a text editor while the wallet file is in use by Electrum. So if an attacker were to copy the file, regardless of if it is open or not, it will still be encrypted.

The wallet file is only decrypted into memory... something that the RPC vulnerability is not able to exploit.

Thi is correct. And it's the just the public key that is decrypted and placed in the memory (and the history of course). If you want to send a transaction, you still need your password to sign it therefore the private keys are still encrypted when you open your wallet. I'm assuming your password decrypts the entire wallet file and then the password then decrypts the wallet file and the private key sequentually.