Bitcoin Forum
October 14, 2019, 04:40:42 AM *
News: If you like a topic and you see an orange "bump" link, click it. More info.
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: New Fake Electrum Wallet 3.3.4 steal all your coins!  (Read 94 times)
Bloedi
Newbie
*
Offline Offline

Activity: 30
Merit: 0


View Profile
February 02, 2019, 09:46:46 AM
 #1

I opened my Electrum Bitcoin Wallt and wanted to do a transaction over 60, - €.

After entering my password and transferring the data to the blockchain, I was shown a dialog that pointed out that the version of the Electrum Wallet 3.1.3 was out of date and I should download the new version 3.3.4.

The hint dialog refers to a repository of GitHub (Fake-Name: eIectrum-wallet) that suggests it is an authentic download source.

I do not understand how it was possible to show this hint dialog, because my Electrum Wallet 3.1.3 is an original version. It seems like the DNS request has been redirected or something similar.

In any case, about 1,500, - € were stolen from me by a seemingly Russian attacker:

https://www.blockchain.com/de/btc/tx/57c3362ec5eae46c76cbeed089168c35ccf5d687f33e0252a01997da408f6e82


He uses presumptive - among others this email address for his criminal activities: movlam4666@gmail.com

An e-mail with the following subject has been sent from my e-mail account:

Угyчий дoклaдeц

The email contained the following text:

Paзpeшeнo cлюньтяйничaть, ничeгo нe дeлaя, a знaчит пpeдcтaть "ycтapeлым" Зaпoлнить дaнныe


I assume that this email is related to the theft of my Bitcoin balance.

I always pay close attention to what I download where, but this attack has been cleverly staged so that the slightly different names are not noticeable until you look closely.

Anyway, that was my last Bitcoin balance.

Crypto currencies will have a difficult future if they are used primarily to make everyone cheat, rip off and shit.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1571028042
Hero Member
*
Offline Offline

Posts: 1571028042

View Profile Personal Message (Offline)

Ignore
1571028042
Reply with quote  #2

1571028042
Report to moderator
1571028042
Hero Member
*
Offline Offline

Posts: 1571028042

View Profile Personal Message (Offline)

Ignore
1571028042
Reply with quote  #2

1571028042
Report to moderator
1571028042
Hero Member
*
Offline Offline

Posts: 1571028042

View Profile Personal Message (Offline)

Ignore
1571028042
Reply with quote  #2

1571028042
Report to moderator
HCP
Legendary
*
Offline Offline

Activity: 1120
Merit: 1828

<insert witty quote here>


View Profile
February 02, 2019, 09:56:51 AM
 #2

There have already been multiple threads/posts on here about exactly this issue. It started over 2 weeks ago.

The ONLY official place to download is: https://www.electrum.org/#home
Currently, the latest version is 3.3.3

AND you should ALWAYS verify the digital signature of the downloaded file before installing and/or running it.

For reference: https://bitcointalk.org/index.php?topic=5095856.0


I do not understand how it was possible to show this hint dialog, because my Electrum Wallet 3.1.3 is an original version. It seems like the DNS request has been redirected or something similar.
There was a flaw in the design of Electrum where it would just display the raw text of whatever "error" message was returned by an Electrum Server (including links!). Hacker set up a LOT (like hundreds) of "fake" servers that would send back the error message with link to fake update.

These issues have been resolved in (official) 3.3.3 version

Lucius
Legendary
*
Offline Offline

Activity: 1568
Merit: 1354


Fortis Fortuna Adiuvat


View Profile WWW
February 02, 2019, 10:59:02 AM
 #3

Crypto currencies will have a difficult future if they are used primarily to make everyone cheat, rip off and shit.

The fault is definitely on Electrum side, there is no doubt in that - hackers use exploit which should have been foreseen and fixed in the way it was made in the version 3.3.3. But it is also the fault of the users, who do not realize that everything has to be checked several times before actually doing something, and update of desktop wallet is highly risky operation.

If you just visited Electrum official site and read warning :

Quote
Warning: (1) Electrum is a Bitcoin-only wallet. Variants of Electrum for other cryptocurrencies are not developed by us, and they are not endorsed by us. Some of these variants have been found to be Bitcoin-stealing malware. (2) Old versions of Electrum are vulnerable to a phishing attack, where malicious servers ask users to download a fake version of Electrum. DO NOT download Electrum from any other site than electrum.org.

https://electrum.org/#home


Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!