Bitcoin Forum
Author Topic: There has been an increased number of "fake" electrums out there, be careful.  (Read 1549 times)
Coding Enthusiast
Hero Member
*****
Offline Offline

Activity: 765
Merit: 1469


Novice C♯ Coder


View Profile WWW
December 27, 2018, 05:12:50 AM
Last edit: December 27, 2018, 05:39:09 AM by Coding Enthusiast
Merited by theymos (25), Foxpup (10), suchmoon (10), LoyceV (10), NeuroticFish (5), dbshck (5), bones261 (2), BitcoinGirl.Club (2), squatter (2), Heisenberg_Hunter (2), asche (2), MagicByt3 (2), seoincorporation (1), BitHodler (1), AdolfinWolf (1), xenon131 (1), khufuking (1), sncc (1), butka (1), wry (1)
 #1

The real links are:
https://github.com/spesmilo/electrum (the github repository hosting the code)
https://electrum.org/ (website of the project)
6694D8DE7BE8EE5631BED9502BD5824B7F9470E6 (the real PGP public key of the developer)

Anything else is fake. Don't just trust me, double and triple check these values yourself.

I have also included the PGP public key because I have been seeing many scammers in the past signing the malicious Electrum releases with a PGP public key (obviously a different one that they own) and if you check the signature with their public key you will see a correct signature and it can create the illusion of being real!

Additionally if you see the following error message, ignore it and change your server. It is the malicious server of the attacker and as you can see the link is also fake:



More information:
https://github.com/spesmilo/electrum/issues/4953
https://github.com/spesmilo/electrum/issues/4968

Projects List+Suggestion box
Donate: 1Q9s or bc1q
FinderOuter(0.1.1)Ann-git
Denovo(0.0.0)Ann-git
BitcoinTransactionTool(0.11.0)Ann-git
WatchOnlyBitcoinWallet(3.1.0)Ann-git
SharpPusher(0.10.0)Ann-git
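
The check described in the first post, as an added example (not part of the thread and not Electrum's own tooling): a "Good signature" from gpg only proves that some key signed the file, so this script reads GnuPG's machine-readable `--status-fd` output and accepts a download only when the `VALIDSIG` line carries the full 40-character fingerprint quoted above. The function names and the sample status lines are constructed for illustration, and the developer's key is assumed to be in the local keyring already.

```shell
#!/bin/sh
# Added example: not from the thread and not Electrum's own tooling.
# Function names and the sample status lines below are constructed.

# Full fingerprint quoted in the first post of this thread.
EXPECTED_FPR="6694D8DE7BE8EE5631BED9502BD5824B7F9470E6"

# Reads `gpg --status-fd` output on stdin; $1 is the fingerprint you expect.
# Succeeds only if some VALIDSIG line names that exact 40-hex primary key
# and no signature was reported bad, revoked or expired.
signed_by_expected_key() {
    awk -v want="$1" '
        BEGIN { gsub(/[ :]/, "", want); want = toupper(want) }
        $1 != "[GNUPG:]" { next }
        $2 == "BADSIG" || $2 == "REVKEYSIG" || $2 == "EXPKEYSIG" { bad = 1 }
        $2 == "VALIDSIG" {
            # Field 3 is the signing (sub)key; field 12, when present,
            # is the primary key that owns it.
            primary = (NF >= 12) ? $12 : $3
            # A short or long key ID is never accepted, only 40 hex digits.
            if (length(want) == 40 && toupper(primary) == want) ok = 1
        }
        END { if (ok && !bad) exit 0; exit 1 }
    '
}

# Wrapper around a real check: $1 = downloaded file, $2 = its .asc signature.
# Assumes the developer key is already in the local keyring, imported from
# a source you checked independently.
verify_download() {
    gpg --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null \
        | signed_by_expected_key "${3:-$EXPECTED_FPR}"
}

# Constructed status output: signature made by the expected key.
GENUINE_STATUS='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 2BD5824B7F9470E6 Constructed Signer <signer@example.invalid>
[GNUPG:] VALIDSIG 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6 2018-12-27 1545886800 0 4 0 1 8 00 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6'

# Constructed status output: gpg reports a good, valid signature here too,
# but from a different key whose last 8 hex digits merely look familiar.
LOOKALIKE_STATUS='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG AAAAAAAA7F9470E6 Constructed Signer <signer@example.invalid>
[GNUPG:] VALIDSIG AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7F9470E6 2018-12-27 1545886800 0 4 0 1 8 00 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7F9470E6'

# Constructed status output: the file does not match its signature.
TAMPERED_STATUS='[GNUPG:] NEWSIG
[GNUPG:] BADSIG 2BD5824B7F9470E6 Constructed Signer <signer@example.invalid>'

# Run as: sh verify.sh <downloaded-file> <downloaded-file.asc>
if [ "$#" -eq 2 ]; then
    if verify_download "$1" "$2"; then
        echo "OK: signed by $EXPECTED_FPR"
    else
        echo "FAIL: no valid signature from $EXPECTED_FPR" >&2
        exit 1
    fi
fi
```

The lookalike sample is the case the first post warns about: gpg's own verdict is "good", and only the fingerprint comparison separates it from the genuine one.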
tUnes3
Jr. Member
*
Offline Offline

Activity: 39
Merit: 2


View Profile
December 27, 2018, 05:30:06 AM
 #2

Below is the link to view the public PGP key of the developer, Thomas V.

https://pgp.key-server.io/pks/lookup?op=get&search=0x2BD5824B7F9470E6

On that web page, there is a link to download the key.
Heydude1
Newbie
*
Offline Offline

Activity: 10
Merit: 10


View Profile
December 27, 2018, 06:01:18 AM
 #3

Yes i fell for it because i was in a hurry and didn't expect a pop-up within a legit version to be a phishing link. Do you know if they think it was just the standalone client that is the issue or is it malicious files aside from it? I plan on wiping and reinstalling OS in the morning but don't want to if i don't have to ( i know, i know i probably should just to be safe)
TryNinja
Legendary
*
Offline Offline

Activity: 1344
Merit: 1924



View Profile
December 27, 2018, 06:15:34 AM
Last edit: December 27, 2018, 06:27:03 AM by TryNinja
 #4

Yes i fell for it because i was in a hurry and didn't expect a pop-up within a legit version to be a phishing link. Do you know if they think it was just the standalone client that is the issue or is it malicious files aside from it? I plan on wiping and reinstalling OS in the morning but don't want to if i don't have to ( i know, i know i probably should just to be safe)
Either you already had a malicious version of Electrum, or the pop up was coming from a different malicious software/website. There is not even a single chance the pop up came from the official Electrum. That's a fact.

Edit: thought that this was the first post from the user and literally missed the OP. Sorry.

SuperInvestor
Jr. Member
*
Offline Offline

Activity: 66
Merit: 2


View Profile
December 27, 2018, 06:16:19 AM
 #5

Hey! Thanks for this, gentlemen! But it's too late already. https://bitcointalk.org/index.php?topic=5089945.0
Coding Enthusiast
Hero Member
*****
Offline Offline

Activity: 765
Merit: 1469


Novice C♯ Coder


View Profile WWW
December 27, 2018, 06:18:49 AM
Merited by Foxpup (4)
 #6

Do you know if they think it was just the standalone client that is the issue or is it malicious files aside from it?

If you have downloaded the files (standalone, portable, linux tar.gz file,...) from anywhere else other than the legitimate links, then they are all malicious and should not be used.

There is not even a single chance the pop up came from the official Electrum. That's a fact.

The "pop up message" that I posted in OP is appearing in Electrum (the real wallet software). It was a bug that was being exploited where the server can return an error message and it showed up like what you see in your wallet. The error message is returned when you send a transaction.

Heydude1
Newbie
*
Offline Offline

Activity: 10
Merit: 10


View Profile
December 27, 2018, 06:20:54 AM
 #7

Yes i fell for it because i was in a hurry and didn't expect a pop-up within a legit version to be a phishing link. Do you know if they think it was just the standalone client that is the issue or is it malicious files aside from it? I plan on wiping and reinstalling OS in the morning but don't want to if i don't have to ( i know, i know i probably should just to be safe)
Either you already had a malicious version of Electrum, or the pop up was coming from a different malicious software/website. There is not even a single chance the pop up came from the official Electrum. That's a fact.

that's actually false and i know my version was a real version. I also just saw the comments on their GitHub page. It is coming from malicious servers through official electrum client. Which prompts a pop up to download the malicious client.

https://github.com/spesmilo/electrum/issues/4968
Heydude1
Newbie
*
Offline Offline

Activity: 10
Merit: 10


View Profile
December 27, 2018, 06:27:41 AM
 #8

Do you know if they think it was just the standalone client that is the issue or is it malicious files aside from it?

If you have downloaded the files (standalone, portable, linux tar.gz file,...) from anywhere else other than the legitimate links, then they are all malicious and should not be used.


i know that, i have since wiped all the electrum files i could find since i downloaded the malicious file. I am at the point i will most likely reformat my hard drive in the morning as i am unsure at this point if any other malware was attached to it aside from the malicious client
TryNinja
Legendary
*
Offline Offline

Activity: 1344
Merit: 1924



View Profile
December 27, 2018, 06:27:50 AM
 #9

that's actually false and i know my version was a real version. I also just saw the comments on their GitHub page. It is coming from malicious servers through official electrum client. Which prompts a pop up to download the malicious client.

https://github.com/spesmilo/electrum/issues/4968
Yeah. I thought this thread was the older one from the other user and missed the OP. Sorry about that.

Unfortunately, there is still nothing you can do to recover your coins.

Heydude1
Newbie
*
Offline Offline

Activity: 10
Merit: 10


View Profile
December 27, 2018, 06:33:55 AM
 #10

that's actually false and i know my version was a real version. I also just saw the comments on their GitHub page. It is coming from malicious servers through official electrum client. Which prompts a pop up to download the malicious client.

https://github.com/spesmilo/electrum/issues/4968
Yeah. I thought this thread was the older one from the other user and missed the OP. Sorry about that.

Unfortunately, there is still nothing you can do to recover your coins.


i am not worried about that. I use a hardware wallet normally and only use electrum from time to time for small quick transactions.

I am however worried about what all was attached to the bogus client i downloaded. I have wiped anything electrum related but feel like i should be wiping my whole drive just in case.
Heydude1
Newbie
*
Offline Offline

Activity: 10
Merit: 10


View Profile
December 27, 2018, 07:40:23 AM
Merited by theymos (10)
 #11

When you download the fake client they must get your seed/password somehow. I wiped electrum files then restored the wallet from seed and put 2$ in there and let it sit. They just emptied the wallet again about 30 minutes ago.
bitdaric
Copper Member
Member
**
Offline Offline

Activity: 238
Merit: 17


View Profile WWW
December 27, 2018, 01:02:22 PM
 #12

Is the Android version safe?
bitcoinfuck
Full Member
***
Offline Offline

Activity: 632
Merit: 106


Europe Belongs To Christians


View Profile
December 27, 2018, 01:05:51 PM
 #13

When you download the fake client they must get your seed/password somehow. I wiped electrum files then restored the wallet from seed and put 2$ in there and let it sit. They just emptied the wallet again about 30 minutes ago.


maybe UI is doing http post request of your seed? did you do wireshark? or can you share the software with me, i can try to run it and find which domains it's connecting to
asche
Hero Member
*****
Offline Offline

Activity: 840
Merit: 1044


I forgot more than you will ever know.


View Profile
December 27, 2018, 01:18:49 PM
 #14

Good catch! Thank you for sharing.

Edit: was going to report the github repository but it has been closed already.

bL4nkcode
Copper Member
Hero Member
*****
Offline Offline

Activity: 1512
Merit: 912


Please help Bruno: https://bit.ly/2wLBpte


View Profile
December 27, 2018, 01:19:52 PM
 #15

Threads like this bother me. Luckily I'm not a fan of downloading an Electrum update in an urgent manner; also, I got no notification when I opened the software.

And I always make a practice of checking the tweets of the official Electrum Twitter account first before doing something; though it might not be a good suggestion, it will help somehow. And I hope there will not be many victims of this incident.

BitHodler
Legendary
*
Offline Offline

Activity: 1526
Merit: 1179


View Profile
December 27, 2018, 01:55:34 PM
 #16

The "pop up message" that I posted in OP is appearing in Electrum (the real wallet software). It was a bug that was being exploited where the server can return an error message and it showed up like what you see in your wallet. The error message is returned when you send a transaction.
This is actually very concerning since this isn't the first time Electrum, as a very trusted client, has had some issues to work out. Good thing however is that they are pretty quick with patching bugs.

Another clear sign why the Core client is so dominant. It's by far the most secure client out there and people rightfully trust it with everything they have. The only thing is that average joes don't like running a full node client.

Not sure if and when, but if this continues people might lose confidence in Electrum and ditch it for good. It's a shame since it's one of the better SPV wallets available, but you can't endlessly make headlines like this....

BSV is not the real Bcash. Bcash is the real Bcash.
MagicByt3
Sr. Member
****
Offline Offline

Activity: 504
Merit: 349


BSV IS NOT BITCOIN


View Profile
December 27, 2018, 02:04:31 PM
Merited by LoyceV (1)
 #17

Another reason for Full-Validation, 
Was only a matter of time before the servers became a point of attack.


khufuking
Sr. Member
****
Offline Offline

Activity: 840
Merit: 266



View Profile WWW
December 27, 2018, 02:09:58 PM
 #18

I posted the warning in my local board. I hope everyone can do the same in their own language; I bet we will see a lot of threads about losing Bitcoin with Electrum soon. Please, everyone who has a chance to alert others, please do so.

Lucius
Legendary
*
Offline Offline

Activity: 1750
Merit: 1643


⚔Fortis Fortuna Adiuvat⚔


View Profile WWW
December 27, 2018, 02:21:32 PM
 #19

This is actually very concerning since this isn't the first time Electrum, as a very trusted client, has had some issues to work out. Good thing however is that they are pretty quick with patching bugs.

The previous issue was fairly harmless compared to this. For a user to get hacked before version 3.0.5, he needed to have a wallet that was not password protected and to have this wallet open while on a particular web page, which could then use this vulnerability to steal the user's funds.

This new issue is far more dangerous because hackers use the original Electrum wallet to trick users into upgrading to a fake wallet. For now this issue is not fixed, and the attack is still being performed. So far 15 (new data say up to 250) BTC has been stolen; the only good thing is that this is happening during the holidays, when many are away from their devices and BTC.

https://bitcointalk.org/index.php?topic=5089945.0

hubballi
Sr. Member
****
Offline Offline

Activity: 882
Merit: 297


View Profile
December 27, 2018, 02:52:51 PM
Last edit: December 27, 2018, 03:09:15 PM by hubballi
 #20

The hacker has hacked 200 btc in one wallet and 243 btc in another wallet and some small btc in a lot of wallets, so nearly 500+ btc has been stolen through this virus, and Electrum is still not able to stop this hacking attack.

https://www.blockchain.com/btc/address/1MkM9Q6xo5AHZkLv2sTGLYb3zVreE6wBkj - 243 btc

https://www.blockchain.com/btc/address/14MVEf1X4Qmrpxx6oASqzYzJQZUwwG7Fb5 - 200 btc - this has been transferred to above wallet.

So far this is the detail; more I don't know.

Chandu141
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


Your Campaign Manager!


View Profile
December 27, 2018, 03:52:22 PM
 #21

Looks like the exploit is over and all the funds stolen from three servers were transferred to the explorer's main wallet, which shows about 243.5 BTC
https://www.blockchain.com/btc/address/1MkM9Q6xo5AHZkLv2sTGLYb3zVreE6wBkj

Maybe more incoming may appear, but I suspect this is their bank address.

Coding Enthusiast
Hero Member
*****
Offline Offline

Activity: 765
Merit: 1469


Novice C♯ Coder


View Profile WWW
December 27, 2018, 04:16:10 PM
 #22

Another reason for Full-Validation, 
Was only a matter of time before the servers became a point of attack.

This has nothing to do with being an SPV client. It is about the implementation (software) having a flaw that was exploited and it can happen to any software whether it is a full node or an SPV one.
The weakness was in a "feature" in Electrum where the server you connect to can send you a well formatted message (containing a link like the posted screenshot for example).

It may not be completely similar but Bitcoin-Core's alert system comes to mind which was a point of weakness that could be exploited in a similar fashion. That is removed now.

squatter
Legendary
*
Offline Offline

Activity: 1414
Merit: 1129


STOP SNITCHIN'


View Profile
December 27, 2018, 06:35:05 PM
 #23

Thanks so much for the warning, Coding Enthusiast.

Just to clarify, we're safe as long as we don't follow the link and download the software, correct? Is there any danger if you use a watching-only/offline signing setup?

HCP
Legendary
*
Offline Offline

Activity: 1302
Merit: 2330

<insert witty quote here>


View Profile
December 27, 2018, 07:04:57 PM
 #24

Just to clarify, we're safe as long as we don't follow the link and download the software, correct? Is there any danger if you use a watching-only/offline signing setup?
That is correct.

The current client itself is "safe"... This is a social engineering exploit that was abusing a "feature" within the Electrum client to try and trick users into downloading a malicious version of the client. The attack requires you to download and run the malicious software to steal your coins.

So, if you are currently using the client from https://electrum.org/#download and have not downloaded or installed the "fake" client that was being promoted in this attack, you will be OK.

kano
Legendary
*
Offline Offline

Activity: 3108
Merit: 1251


Linux since 1997 RedHat 4


View Profile
December 27, 2018, 09:23:16 PM
 #25

So ... since the hack is provided by github, can you blame Microsoft for it?

Pool: https://kano.is 0.1 BTC bonus - low fee PPLNS 3 Days Here on Bitcointalk: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
kano
Legendary
*
Offline Offline

Activity: 3108
Merit: 1251


Linux since 1997 RedHat 4


View Profile
December 27, 2018, 09:53:32 PM
 #26

...
It may not be completely similar but Bitcoin-Core's alert system comes to mind which was a point of weakness that could be exploited in a similar fashion. That is removed now.
I'm pretty sure no security expert would call them similar since core required a security key ...

Heydude1
Newbie
*
Offline Offline

Activity: 10
Merit: 10


View Profile
December 27, 2018, 10:07:57 PM
 #27

So ... since the hack is provided by github, can you blame Microsoft for it?

The electrum-projects one was actually verified by github and had the green verified logo next to it. That is another factor that led to me downloading it.

I emailed them about that and got no response.
HCP
Legendary
*
Offline Offline

Activity: 1302
Merit: 2330

<insert witty quote here>


View Profile
December 28, 2018, 12:22:54 AM
 #28

The electrum-projects one was actually verified by github and had the green verified logo next to it. That is another factor that led to me downloading it.
What is this "verified logo"?

I don't recall ever seeing any Github repo that has a "verified by github" logo attached to it? Even the official Electrum repo here doesn't seem to have any verified logo?

Coding Enthusiast
Hero Member
*****
Offline Offline

Activity: 765
Merit: 1469


Novice C♯ Coder


View Profile WWW
December 28, 2018, 04:05:16 AM
 #29

I emailed them about that and got no response.
It took them about half a day to respond but I've gotten the answer to my report and now the account and the page are both removed from GitHub.

The electrum-projects one was actually verified by github and had the green verified logo next to it. That is another factor that led to me downloading it.
What is this "verified logo"?

I don't recall ever seeing any Github repo that has a "verified by github" logo attached to it? Even the official Electrum repo here doesn't seem to have any verified logo?
"Verified" simply means that the commit in that repository was signed. It can be when you commit things through the webpage when signed in so they are signed with GitHub's key, or if you use git (for example I push commits from Visual Studio) you have to either sign them with a PGP key or they are not marked as verified.
This doesn't mean much though!
https://help.github.com/articles/managing-commit-signature-verification/
An example: https://i.imgur.com/lWER7ZL.jpg

hatshepsut93
Legendary
*
Online Online

Activity: 1484
Merit: 1158


( ͡° ͜ʖ ͡°)


View Profile
December 28, 2018, 05:24:54 AM
Merited by Coding Enthusiast (2)
 #30

What we can learn from this attack to avoid something similar in the future:

1. Read everything very-very carefully, especially things like links to websites, repositories, etc. Always verify the signatures of the developers.

2. Don't panic, don't immediately rush to follow some instructions. Instead, check the official website, official repository, this forum for more details regarding the issue.

3. If you are simply holding coins in cold storage (as opposed to running a business, for example), you'll be safe from majority of potential attacks. This means you have more time to wait for more details regarding the issue.

4. Be slightly suspicious of all patches and hotfixes, there's always some risk that developers or their accounts and private keys were compromised. Again, carefully study the issue before acting.

Retina
Member
**
Offline Offline

Activity: 252
Merit: 59


View Profile
December 28, 2018, 07:23:09 AM
 #31

I lost 2 BTC (35k$) last year because Electrum got hacked and I downloaded a fake wallet.
do not use Electrum people
I do not understand that if you're a little careful then how is it possible because things are so trustworthy, how can it be hacked without your negligence, you should use a good quality anti-virus & while installing something else .
Rayser
Newbie
*
Offline Offline

Activity: 17
Merit: 2


View Profile
December 28, 2018, 08:43:12 AM
 #32

I lost 2 BTC (35k$) last year because Electrum got hacked and I downloaded a fake wallet.
do not use Electrum people
I do not understand that if you're a little careful then how is it possible because things are so trustworthy, how can it be hacked without your negligence, you should use a good quality anti-virus & while installing something else .
Anti-virus won't help you.

Better if you install Linux and check the PGP signature of your Electrum download.
asche
Hero Member
*****
Offline Offline

Activity: 840
Merit: 1044


I forgot more than you will ever know.


View Profile
December 28, 2018, 08:54:45 AM
 #33

Better if you install Linux and check the PGP signature of your Electrum download.

You don't need linux to do that. You can do it with windows just fine.

Lucius
Legendary
*
Offline Offline

Activity: 1750
Merit: 1643


⚔Fortis Fortuna Adiuvat⚔


View Profile WWW
December 28, 2018, 10:54:37 AM
 #34

I lost 2 BTC (35k$) last year because Electrum got hacked and I downloaded a fake wallet.
do not use Electrum people

Electrum did not get hacked as you say; some people just took advantage of the Google AdWords service and ran an advertising campaign with fake Electrum sites. You used the Google search engine to find the Electrum site and then clicked on the first result you got; in most cases this was a fake site. So you lost 2 BTC just because you did not pay attention to where you downloaded the wallet from; even a simple adblock in the browser would have stopped you from seeing such a site.

What we can learn from this attack to avoid something similar in the future...

Some people just never learn, and regardless of what is happening right now they will lose money again. However this scam is very ingeniously conducted by using original Electrum wallet, and for most less experienced users it turned out to be a perfect trap.

I have to admit that after this Electrum can no longer be considered a safe wallet; this cheap trick should have been foreseen and stopped a long time ago. I just wonder how many more exploits are still in Electrum and will be used one day against users?

hatshepsut93
Legendary
*
Online Online

Activity: 1484
Merit: 1158


( ͡° ͜ʖ ͡°)


View Profile
December 28, 2018, 11:31:25 AM
 #35

Some people just never learn, and regardless of what is happening right now they will lose money again. However this scam is very ingeniously conducted by using original Electrum wallet, and for most less experienced users it turned out to be a perfect trap.

This is why it's wrong to blame the victims. People here so often say "it's your own fault for downloading fake wallet", but it only means that Bitcoin's user experience is not yet ready for mass adoption. I can easily imagine my friends or relatives losing their coins to this attack or some of the previous attacks.


I have to admit that after this Electrum can no longer be considered a safe wallet; this cheap trick should have been foreseen and stopped a long time ago. I just wonder how many more exploits are still in Electrum and will be used one day against users?

Perhaps other wallets have many vulnerabilities too, and Electrum gets attacked more frequently because it's very popular. But I'm going to stop using Electrum if the next vulnerability will be critical or if Core will get a decent GUI.

vv181
Sr. Member
****
Offline Offline

Activity: 924
Merit: 336


Africans on forum, check my profile website


View Profile WWW
December 28, 2018, 12:32:16 PM
 #36

Some people just never learn, and regardless of what is happening right now they will lose money again. However this scam is very ingeniously conducted by using original Electrum wallet, and for most less experienced users it turned out to be a perfect trap.

This is why it's wrong to blame the victims. People here so often say "it's your own fault for downloading fake wallet", but it only means that Bitcoin's user experience is not yet ready for mass adoption. I can easily imagine my friends or relatives losing their coins to this attack or some of the previous attacks.

UX design is still the main problem in the cryptocurrency scene. We can't blame the developers for it, since it's still a brand new revolutionary technology that is still improving its major core systems (LN, etc.). But I believe the mainstream could help improve the cryptocurrency ecosystem by improving the usability and accessibility of cryptocurrency software.

Besides the UX design, users must also realize the state of the current problem; they need to educate themselves and recheck any critical information that could compromise their wallet.
AdolfinWolf
Legendary
*
Offline Offline

Activity: 1358
Merit: 1220


people run from rain but sit in bathtubs of water


View Profile
December 28, 2018, 12:34:08 PM
 #37

The electrum-projects one was actually verified by github and had the green verified logo next to it. That is another factor that led to me downloading it.
What is this "verified logo"?

I don't recall ever seeing any Github repo that has a "verified by github" logo attached to it? Even the official Electrum repo here doesn't seem to have any verified logo?
Hmm.

Maybe he is referring to the {VERIFIED} tag that is next to some accounts of prominent companies such as AirBNB et al..? -- https://github.com/airbnb


You're right though, even https://github.com/spesmilo doesn't have that.. I really doubt that a random repo would get that.

daianapotter
Full Member
***
Offline Offline

Activity: 406
Merit: 100



View Profile WWW
December 28, 2018, 01:42:01 PM
 #38

Some people just never learn, and regardless of what is happening right now they will lose money again. However this scam is very ingeniously conducted by using original Electrum wallet, and for most less experienced users it turned out to be a perfect trap.

This is why it's wrong to blame the victims. People here so often say "it's your own fault for downloading fake wallet", but it only means that Bitcoin's user experience is not yet ready for mass adoption. I can easily imagine my friends or relatives losing their coins to this attack or some of the previous attacks.


I have to admit that after this Electrum can no longer be considered a safe wallet; this cheap trick should have been foreseen and stopped a long time ago. I just wonder how many more exploits are still in Electrum and will be used one day against users?

Perhaps other wallets have many vulnerabilities too, and Electrum gets attacked more frequently because it's very popular. But I'm going to stop using Electrum if the next vulnerability will be critical or if Core will get a decent GUI.

If people who know a little about Bitcoin lost their coins, imagine how it will be with "normal" people. Bitcoin and crypto have a long way to go.

xenon131
Hero Member
*****
Offline Offline

Activity: 1008
Merit: 665


making something real from dark matter


View Profile
December 28, 2018, 02:22:10 PM
 #39

Hi to all, I've shared the phishing warning with the Russian-speaking community, but I have a question: are hardware-based clients (like the Ledger Nano S) vulnerable to this kind of attack? Basically they're light clients and rely on third-party servers.

AdolfinWolf
Legendary
*
Offline Offline

Activity: 1358
Merit: 1220


people run from rain but sit in bathtubs of water


View Profile
December 28, 2018, 06:38:49 PM
 #40

Hi to all, I've shared the phishing warning with the Russian-speaking community, but I have a question: are hardware-based clients (like the Ledger Nano S) vulnerable to this kind of attack? Basically they're light clients and rely on third-party servers.

I believe (someone should correct me if i'm wrong, since i am far from an expert on hardware wallets.) all transactions made on a Ledger Nano S are done through their own servers, which are owned by no one but the corporation behind Ledger Nano S, so chances that this will happen on their devices/chrome app seems rather slim.

(They'd have to be the ones sabotaging their own servers, which wouldn't make any sense..?)




asche
Hero Member
*****
Offline Offline

Activity: 840
Merit: 1044


I forgot more than you will ever know.


View Profile
December 28, 2018, 08:11:49 PM
 #41

Hi to all, I've shared the phishing warning with the Russian-speaking community, but I have a question: are hardware-based clients (like the Ledger Nano S) vulnerable to this kind of attack? Basically they're light clients and rely on third-party servers.

I believe (someone should correct me if i'm wrong, since i am far from an expert on hardware wallets.) all transactions made on a Ledger Nano S are done through their own servers, which are owned by no one but the corporation behind Ledger Nano S, so chances that this will happen on their devices/chrome app seems rather slim.

(They'd have to be the ones sabotaging their own servers, which wouldn't make any sense..?)





Every infected computer is vulnerable.
When using a HW wallet on an infected computer, the malware could modify the inputs you send to the HW wallet.
If you verify every detail on the HW wallet itself you should be safe.

However if you don't, you will be vulnerable to this kind of attack.


AdolfinWolf
Legendary
*
Offline Offline

Activity: 1358
Merit: 1220


people run from rain but sit in bathtubs of water


View Profile
December 28, 2018, 08:26:38 PM
 #42

Every infected computer is vulnerable.
When using a HW wallet on an infected computer, the malware could modify the inputs you send to the HW wallet.
If you verify every detail on the HW wallet itself you should be safe.

However if you don't, you will be vulnerable to this kind of attack.


That is totally unrelated as to whether an Electrum-esque attack as we've just seen can happen with Ledger software, to which the answer probably is; no. (due to the ledger servers being solely operated by they themselves.)


Quote
However if you don't, you will be vulnerable to this kind of attack.
The electrum attack that happened also affected non-infected users... which per your criteria, shouldn't be possible?




HCP
Legendary
*
Offline Offline

Activity: 1302
Merit: 2330

<insert witty quote here>


View Profile
December 29, 2018, 12:37:46 AM
 #43

This attack is really just a variation on those browser popups that pretend to be a message from Microsoft saying that your computer is infected and you need to call 1-800-PLZ-SCAM-ME for assistance... or visit some website and download a virus removal tool which actually installs malware on your PC.

Basically, a somewhat "official" looking notification is sent to a user via the abuse of a feature (popup notifications in browser, server error message in Electrum) ... they believe it and follow the instructions and end up downloading malware with a subsequent financial loss.

Kakmakr
Legendary
*
Offline Offline

Activity: 1960
Merit: 1419



View Profile
December 29, 2018, 06:45:03 AM
Merited by kano (5)
 #44

You're not going to stop socially engineered attacks like this with messages on a forum. They will need to build a warning system or a popup notice into the wallet application to warn people who are not reading forums.

They will also have to work on a system for people to validate servers that are owned and operated by the Electrum team. This is the problem when you work through centralized organizations to access your coins.

hatshepsut93
Legendary
*
Online Online

Activity: 1484
Merit: 1158


( ͡° ͜ʖ ͡°)


View Profile
December 29, 2018, 07:01:18 AM
Merited by Coding Enthusiast (1)
 #45

You're not going to stop socially engineered attacks like this with messages on a forum. They will need to build a warning system or a popup notice into the wallet application to warn people who are not reading forums.

They will also have to work on a system for people to validate servers that are owned and operated by the Electrum team. This is the problem when you work through centralized organizations to access your coins.

No, they shouldn't, things like that can also be a security risk, and it also gives more power to developers, which isn't a good thing. This would require all Electrum clients to connect to some trusted server that can relay messages, and this would be against Electrum's philosophy of decentralization.

They will also have to work on a system for people to validate servers that are owned and operated by the Electrum team. This is the problem when you work through centralized organizations to access your coins.

I guess you don't understand how Electrum works. There are no official servers, anyone can run a server. The hacker has spawned many servers to make as many people as possible to connect to them. The problem here is that malicious servers could display a popup when people sent transactions. This was a flaw in the software, it wasn't clear that that was just an error message that came from a server, and attackers had the ability to write arbitrary text there.

igor72
Hero Member
*****
Offline Offline

Activity: 714
Merit: 912


View Profile
December 29, 2018, 07:55:00 AM
 #46


I believe (someone should correct me if i'm wrong, since i am far from an expert on hardware wallets.) all transactions made on a Ledger Nano S are done through their own servers, which are owned by no one but the corporation behind Ledger Nano S, so chances that this will happen on their devices/chrome app seems rather slim.

(They'd have to be the ones sabotaging their own servers, which wouldn't make any sense..?)
No, transactions made on a hardware wallet paired with Electrum are done through Electrum servers.
Coding Enthusiast
Hero Member
*****
Offline Offline

Activity: 765
Merit: 1469


Novice C♯ Coder


View Profile WWW
December 29, 2018, 09:25:20 AM
 #47

They will need to build a warning system or a popup notice into the wallet application to warn people who are not reading forums.

This IS what this attacker was using! The feature to send a warning message from the server.

The only way it can be prevented is if the servers can only send predefined messages. For example they can send a "code number" like sending 1 means you need to update, sending 2 means there is a fork going on,... so that it is not arbitrary.

AdolfinWolf
Legendary
*
Offline Offline

Activity: 1358
Merit: 1220


people run from rain but sit in bathtubs of water


View Profile
December 29, 2018, 11:35:17 AM
 #48


I believe (someone should correct me if i'm wrong, since i am far from an expert on hardware wallets.) all transactions made on a Ledger Nano S are done through their own servers, which are owned by no one but the corporation behind Ledger Nano S, so chances that this will happen on their devices/chrome app seems rather slim.

(They'd have to be the ones sabotaging their own servers, which wouldn't make any sense..?)
No, transactions made on a hardware wallet paired with Electrum are done through Electrum servers.
So what you're saying is that Ledger Nano is paired with electrum/using the same servers? Huh.

Do you have any sources on that? i find that hard to believe.

Every source I find points towards the Ledger Nano S having specific servers run only by the company behind the Nano S.


I don't think any of the popular hardware wallets connect to Electrum servers?

igor72
Hero Member
*****
Offline Offline

Activity: 714
Merit: 912


View Profile
December 29, 2018, 01:12:58 PM
Merited by AdolfinWolf (1)
 #49

So what you're saying is that Ledger Nano is paired with electrum/using the same servers? Huh.

Do you have any sources on that? i find that hard to believe.


AdolfinWolf
Legendary
*
Offline Offline

Activity: 1358
Merit: 1220


people run from rain but sit in bathtubs of water


View Profile
December 29, 2018, 01:41:45 PM
 #50

So what you're saying is that Ledger Nano is paired with electrum/using the same servers? Huh.

Do you have any sources on that? i find that hard to believe.
<..>

That isn't by default though? if you use their chrome app, (which most people do i'm pretty sure) you obviously won't use electrum servers? and instead use their centralized servers?

igor72
Hero Member
*****
Offline Offline

Activity: 714
Merit: 912


View Profile
December 29, 2018, 02:12:16 PM
 #51

That isn't by default though? if you use their chrome app, (which most people do i'm pretty sure) you obviously won't use electrum servers? and instead use their centralized servers?
What do you mean by 'by default'? By default, the user uses software from Ledger (Ledger Live) - in this case the Ledger's servers are used. But if user connects HW wallet (Ledger, Trezor, Keepkey) to Electrum then transactions go through Electrum servers.
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1974
Merit: 2315

Use SegWit and enjoy lower fees.


View Profile WWW
December 29, 2018, 08:13:05 PM
 #52

You're not going to stop socially engineered attacks like this with messages on a forum. They will need to build a warning system or a popup notice into the wallet application to warn people who are not reading forums.

They will also have to work on a system for people to validate servers that are owned and operated by the Electrum team. This is the problem when you work through centralized organizations to access your coins.
No, they shouldn't, things like that can also be a security risk, and it also gives more power to developers, which isn't a good thing. This would require all Electrum clients to connect to some trusted server that can relay messages, and this would be against Electrum's philosophy of decentralization.

Furthermore, it will open another attack vector (single point of failure) by design. So if by any chance an attacker could hack the official server, many people won't even think to verify/check and will be fooled.

That isn't by default though? if you use their chrome app, (which most people do i'm pretty sure) you obviously won't use electrum servers? and instead use their centralized servers?

No one uses the Chrome extension anymore; most people have already moved to Ledger Live, and AFAIK the extension was never updated again. But the beauty of some HW wallets is that you can use any software wallet, not only the "official" wallet provided by the creator.
Users still need the "official" wallet to install the library that supports a certain type of cryptocurrency, even if they want to use another wallet.

rokkyroad
Legendary
*
Offline Offline

Activity: 1091
Merit: 1000


View Profile
December 29, 2018, 09:45:17 PM
 #53

This latest hack is particularly disturbing and it scared the crap out of me.  Hard to trust anything you download anymore. These types of disasters can destroy crypto if left unchecked.

What's going to be next? Online wallets safer than software wallets?

" If you have to spam and shout to justify your existence then you are a shit coin."  TaunSew
pooya87
Legendary
*
Offline Offline

Activity: 1974
Merit: 2564


Remember tonight for it's the beginning of forever


View Profile
December 30, 2018, 03:31:35 AM
 #54

This latest hack is particularly disturbing and it scared the crap out of me.  Hard to trust anything you download anymore.

it has never been hard and it will never be hard only if you know what you are doing!

in this case it is a very simple matter of understanding what PGP means and how it works. so even if you by any chance download a fake wallet, knowing how PGP works you try verifying its signature and when it fails you simply don't trust or install it!

understanding PGP means knowing how to verify signatures and more importantly understanding the concept of https://en.wikipedia.org/wiki/Web_of_trust so that you don't naively trust any public key you see.
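
The check this post describes, written out as an added example that is not part of the thread or of Electrum's code: a signature that merely verifies is not enough, because the opening post notes that fake releases were signed with the scammers' own keys, so the signer's fingerprint is compared against the one given in that opening post. The status lines below are constructed samples in the format `gpg --status-fd` emits, and the function names are hypothetical.

```python
import subprocess

# Fingerprint given in the opening post of this thread.
PINNED_FPR = "6694D8DE7BE8EE5631BED9502BD5824B7F9470E6"

# gpg status keywords that mean the signature must not be trusted.
FAILURE_KEYWORDS = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG",
                    "REVKEYSIG", "NO_PUBKEY"}

# Constructed sample: a valid signature made by the pinned key.
GENUINE_STATUS = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 2BD5824B7F9470E6 Constructed User ID
[GNUPG:] VALIDSIG 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6 2018-12-27 1545868800 0 4 0 1 8 00 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
"""

# Constructed sample: an equally "good" signature, but from another key.
# This is the case that looks correct to anyone who imported the wrong key.
IMPOSTOR_STATUS = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed Impostor ID
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2018-12-27 1545868800 0 4 0 1 8 00 0123456789ABCDEF0123456789ABCDEF01234567
"""


def signer_is_pinned(status_output, pinned=PINNED_FPR):
    """Return True only if every valid signature comes from the pinned key."""
    pinned = pinned.replace(" ", "").upper()
    primaries = []
    for line in status_output.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue
        if fields[1] in FAILURE_KEYWORDS:
            return False
        if fields[1] == "VALIDSIG" and len(fields) >= 3:
            # fields[2] is the signing (sub)key fingerprint; the optional
            # last field is the primary key fingerprint, which is what
            # users publish and pin.
            primary = fields[11] if len(fields) >= 12 else fields[2]
            primaries.append(primary.upper())
    # No VALIDSIG line at all means nothing was verified.
    return bool(primaries) and all(p == pinned for p in primaries)


def verify_release(sig_path, file_path):
    """Run gpg on a detached signature and apply the pinned-key check."""
    proc = subprocess.run(
        ["gpg", "--status-fd", "1", "--verify", sig_path, file_path],
        capture_output=True, text=True)
    return proc.returncode == 0 and signer_is_pinned(proc.stdout)
```
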

kano
Legendary
*
Offline Offline

Activity: 3108
Merit: 1251


Linux since 1997 RedHat 4


View Profile
December 30, 2018, 07:13:07 AM
 #55

They will need to build a warning system or a popup notice into the wallet application to warn people who are not reading forums.

This IS what this attacker was using! The feature to send a warning message from the server.

The only way it can be prevented is if the servers can only send predefined messages. For example they can send a "code number" like sending 1 means you need to update, sending 2 means there is a fork going on,... so that it is not arbitrary.
Yet no one seems to note the blatantly obvious point to notify people about the problem, with a simple message, using this method that has allowed hackers to trick people into losing millions of dollars (as has happened) ...

Pool: https://kano.is 0.1 BTC bonus - low fee PPLNS 3 Days Here on Bitcointalk: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
kano
Legendary
*
Offline Offline

Activity: 3108
Merit: 1251


Linux since 1997 RedHat 4


View Profile
December 30, 2018, 07:14:34 AM
 #56

This latest hack is particularly disturbing and it scared the crap out of me.  Hard to trust anything you download anymore.

it has never been hard and it will never be hard only if you know what you are doing!

in this case it is a very simple matter of understanding what PGP means and how it works. so even if you by any chance download a fake wallet, knowing how PGP works you try verifying its signature and when it fails you simply don't trust or install it!

understanding PGP means knowing how to verify signatures and more importantly understanding the concept of https://en.wikipedia.org/wiki/Web_of_trust so that you don't naively trust any public key you see.
It didn't require a fake wallet - it happened with the official PGP signed wallet.

Abdussamad
Legendary
*
Offline Offline

Activity: 2422
Merit: 1264



View Profile
December 30, 2018, 11:42:56 AM
 #57

This latest hack is particularly disturbing and it scared the crap out of me.  Hard to trust anything you download anymore.

it has never been hard and it will never be hard only if you know what you are doing!

in this case it is a very simple matter of understanding what PGP means and how it works. so even if you by any chance download a fake wallet, knowing how PGP works you try verifying its signature and when it fails you simply don't trust or install it!

understanding PGP means knowing how to verify signatures and more importantly understanding the concept of https://en.wikipedia.org/wiki/Web_of_trust so that you don't naively trust any public key you see.
It didn't require a fake wallet - it happened with the official PGP signed wallet.

The message appeared on the legit wallet but it was just text. It was harmless. Only people who reacted to it by downloading the software linked in the text and not verifying that software suffered losses. So the real electrum didn't steal from them. It was the fake software that people went out of their way to download and use.
kano
Legendary
*
Offline Offline

Activity: 3108
Merit: 1251


Linux since 1997 RedHat 4


View Profile
December 30, 2018, 11:57:35 AM
 #58

This latest hack is particularly disturbing and it scared the crap out of me.  Hard to trust anything you download anymore.

it has never been hard and it will never be hard only if you know what you are doing!

in this case it is a very simple matter of understanding what PGP means and how it works. so even if you by any chance download a fake wallet, knowing how PGP works you try verifying its signature and when it fails you simply don't trust or install it!

understanding PGP means knowing how to verify signatures and more importantly understanding the concept of https://en.wikipedia.org/wiki/Web_of_trust so that you don't naively trust any public key you see.
It didn't require a fake wallet - it happened with the official PGP signed wallet.

The message appeared on the legit wallet but it was just text. It was harmless. Only people who reacted to it by downloading the software linked in the text and not verifying that software suffered losses. So the real electrum didn't steal from them. It was the fake software that people went out of their way to download and use.
Yes we all know this - it has been stated a number of times before.

Indeed the Official Electrum displayed an update notice and link, to a verified github, that when installed, meant you lost your Bitcoins
... and literally millions of dollars of Bitcoins have been lost due to people trusting that messages posted by the official Electrum wallet would be valid ...

MagicByt3
Sr. Member
****
Offline Offline

Activity: 504
Merit: 349


BSV IS NOT BITCOIN


View Profile
December 30, 2018, 12:44:13 PM
 #59

This latest hack is particularly disturbing and it scared the crap out of me.  Hard to trust anything you download anymore.

it has never been hard and it will never be hard only if you know what you are doing!

in this case it is a very simple matter of understanding what PGP means and how it works. so even if you by any chance download a fake wallet, knowing how PGP works you try verifying its signature and when it fails you simply don't trust or install it!

understanding PGP means knowing how to verify signatures and more importantly understanding the concept of https://en.wikipedia.org/wiki/Web_of_trust so that you don't naively trust any public key you see.
It didn't require a fake wallet - it happened with the official PGP signed wallet.

The message appeared on the legit wallet but it was just text. It was harmless. Only people who reacted to it by downloading the software linked in the text and not verifying that software suffered losses. So the real electrum didn't steal from them. It was the fake software that people went out of their way to download and use.
Yes we all know this - it has been stated a number of times before.

Indeed the Official Electrum displayed an update notice and link, to a verified github, that when installed, meant you lost your Bitcoins
... and literally millions of dollars of Bitcoins have been lost due to people trusting that messages posted by the official Electrum wallet would be valid ...

I have to agree with kano on this one: this is a serious flaw in the official software that allowed attackers to perform this.
The fact is there was no protection for users to stop the messages being shown, albeit in a somewhat official-looking manner.

As kano stated the feature is not like the old alert system in core that required keys before alert messages could be sent to the network.

Just out of curiosity what was the intended use for it in Electrum?

Coding Enthusiast
Hero Member
*****
Offline Offline

Activity: 765
Merit: 1469


Novice C♯ Coder


View Profile WWW
December 30, 2018, 02:01:29 PM
 #60

Just out of curiosity what was the intended use for it in Electrum?

AFAIK this is the way the servers communicate with the clients that connect to them. For example when you send a transaction with low fee you receive a message telling you why your transaction was rejected with a "low fee" message, or if you broadcast a message with wrong signature,... you'll receive another message, and so on.
The problem is that these messages (which are normally bitcoind responses) could be anything instead of being hard coded in the client and being predefined.

As kano stated the feature is not like the old alert system in core that required keys before alert messages could be sent to the network.

Of course the core alerts required a key (which also was compromised at some point prior to the system's retirement) while Electrum messages can be sent by anyone. And I do realize that it wasn't a good example but there is a good similarity there, which is why I mentioned it in the first place.
For starters both cases are following a similar not-predefined message structure which the sender decides what to send. So the message could display anything including a link.
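
The idea from posts #47 and #60 (servers may only select a predefined message, never supply the text), as an added example that is not from the thread and is not Electrum's own code: the client owns every display string and the server's response only picks one. The function names, the numeric codes and the sample responses are assumptions made for this illustration; the reject substrings are a small sample of bitcoind reject reasons.

```python
import re

# Display strings owned by the client. A server response can only select
# one of them; the server's own text is never shown to the user.
KNOWN_REJECTS = (
    ("min relay fee not met", "The transaction fee is below the relay minimum."),
    ("insufficient fee", "The fee is too low to replace the earlier transaction."),
    ("txn-mempool-conflict", "An input is already spent by a pending transaction."),
    ("too-long-mempool-chain", "Too many unconfirmed parent transactions."),
    ("dust", "An output is too small to be relayed."),
)

# Numeric notices in the style suggested in post #47 (hypothetical values).
# Note that even the update notice carries no link.
CODE_MESSAGES = {
    1: "The server reports that a newer client version exists. "
       "Check the project's website yourself.",
    2: "The server reports a chain fork. Wait before sending funds.",
}

GENERIC = "The server rejected the request (reason not recognised)."

_LINK = re.compile(r"(?i)(https?://|www\.)")


def message_for_reject(server_text):
    """Map a free-text server error to a client-owned string."""
    if not isinstance(server_text, str):
        return GENERIC
    lowered = server_text.lower()
    for needle, display in KNOWN_REJECTS:
        # A lure that happens to contain a known substring still only
        # yields the fixed client string, so matching loosely is safe.
        if needle in lowered:
            return display
    return GENERIC


def message_for_code(code):
    """Map a numeric notice code to a client-owned string."""
    if isinstance(code, bool) or not isinstance(code, int):
        return GENERIC
    return CODE_MESSAGES.get(code, GENERIC)


def server_is_suspect(server_text):
    """Flag responses worth logging: links or long prose in an error field."""
    if not isinstance(server_text, str):
        return True
    return bool(_LINK.search(server_text)) or len(server_text) > 200


# Constructed sample responses (not captured from any real server).
SAMPLE_REJECT = "error code -26: min relay fee not met"
SAMPLE_LURE = ("Security update required. Download the new version from "
               "https://updates.example.invalid/electrum")
```

Logging the responses that `server_is_suspect` flags, together with the server's address, gives the user or the project a list of servers to disconnect from.
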

kano
Legendary
*
Offline Offline

Activity: 3108
Merit: 1251


Linux since 1997 RedHat 4


View Profile
December 31, 2018, 11:08:45 PM
 #61

Just out of curiosity what was the intended use for it in Electrum?

AFAIK this is the way the servers communicate with the clients that connect to them. For example when you send a transaction with low fee you receive a message telling you why your transaction was rejected with a "low fee" message, or if you broadcast a message with wrong signature,... you'll receive another message, and so on.
The problem is that these messages (which are normally bitcoind responses) could be anything instead of being hard coded in the client and being predefined.

As kano stated the feature is not like the old alert system in core that required keys before alert messages could be sent to the network.

Of course the core alerts required a key (which also was compromised at some point prior to the system's retirement) while Electrum messages can be sent by anyone. And I do realize that it wasn't a good example but there is a good similarity there, which is why I mentioned it in the first place.
For starters both cases are following a similar not-predefined message structure which the sender decides what to send. So the message could display anything including a link.
So that's your excuse for not doing anything about it when core started dealing with, quite a while ago, their WAY more secure method than yours?

And your argument is also hiding the facts.
The 'compromise' in security was not known for certain, and was not due to the secure method they used, but certainly assumed to be correct when MtGox was taken control by 'authorities' in Japan.
The assumption was that since Mark also had a key, the key was probably in the possession of 'the authorities'

Your example given is pointless at best, since there's really no comparison.
... are you gonna give up this pointless argument that anyone with any understanding of security would not argue? or continue digging your own grave with it?

Coding Enthusiast
Hero Member
*****
Offline Offline

Activity: 765
Merit: 1469


Novice C♯ Coder


View Profile WWW
January 01, 2019, 04:30:40 AM
 #62

I have no affiliation with Electrum developers!
I can't understand why you are so worked up about a comparison though, even if it was a bad one.

scyc
Newbie
*
Offline Offline

Activity: 5
Merit: 7


View Profile
February 08, 2019, 08:20:37 AM
 #63

Hi all,

This is my first post.

I believe I downloaded the recent fake Electrum on Github after seeing an update for 3.4.1.

Back in December/Jan, I tried to install it on an iMac, and it was giving me warnings when I tried to run it.

However, then I left it for a while, and only today I heard about the fake Electrum.

I just wanted to ask....how do I remove or check what's been compromised on my MAC?

Thanks!
sc
asche
Hero Member
*****
Offline Offline

Activity: 840
Merit: 1044


I forgot more than you will ever know.


View Profile
February 08, 2019, 08:41:55 AM
 #64

I just wanted to ask....how do I remove or check what's been compromised on my MAC?

The only thing that would be compromised here are your private keys.

if your funds are still accessible you should be fine.
To be sure just create a new wallet and transfer any remaining funds to it.
