Bitcoin Forum
May 21, 2019, 02:13:26 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [Beware] Ongoing Electrum Phishing Attempt  (Read 99 times)
DireWolfM14
Sr. Member
****
Offline Offline

Activity: 392
Merit: 538



View Profile WWW
February 18, 2019, 06:18:49 AM
Merited by suchmoon (4), HCP (2)
 #1

Several weeks ago a few users of the popular bitcoin desktop wallet Electrum reported loss of their bitcoin after downloading a malicious versions of software.

The scammers were able to infect Electrum servers to broadcast messages to users of older versions of the software.  The message would trick users into downloading the malware.  Recent releases of Electrum are able to prevent the messages from being broadcast by the compromised servers, but users who are still using versions prior to 3.3.3 are still vulnerable.  

I'm posting this here to help bring awareness to the issue.  If you are using an older version of Electrum it is recommended you upgrade to the latest version.

Only download Electrum from the official website:  https://electrum.org/
Don't forget to check the signature.  

More information can be found here: https://github.com/spesmilo/electrum/issues/4968

Originally the scammers directed victims to download the malware from the impostor's github repository, but github has since shut down the scammers account.  However it appears the scammer is still attempting to take advantage of the vulnerability by now directing his potential victims to a new site for downloading the malware.

Warning: Do not visit the site listed blow.  It is displayed only for your reference.
Code:
https://electrumdownload.com/


███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
#1
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
BTC 
  ●
   BTC
  BTC  
.
    ▄▄▄▀▀▀▀
 ▄██▀
███        ▄▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄
▀███▄▄▄▄▀▀▀                 ▀▀▄▄
  ▀▀▀██████████████████████████▀
   ▄█▄     ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀██▄▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀
      ▄  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
      ▀██▄  ▄▀▀▀▀▀▀▀▀▀▀▀▀▄
        ▀█▀██████████████▀▀
         ▀█▄▄ ▄▄▄▄▄▄▄▄▄▄
            █▀▄▄▄▄▄▄▄▄▄▄▀
             ▀▀▄▄▄▄▄▄▄
.
     BTC
  BTC   
  ●
  BTC  
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
1558404806
Hero Member
*
Offline Offline

Posts: 1558404806

View Profile Personal Message (Offline)

Ignore
1558404806
Reply with quote  #2

1558404806
Report to moderator
START MINING BTC NOW WITH NEW GENERATION S17 ANTMINER! BTC/BCH/LTC/ZCASH/DASH/ETH/DCR MINING PLAN AVAILABLE Highly Reduced Electricity Fee $0.067/T/DAY!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
judeafante
Sr. Member
****
Offline Offline

Activity: 896
Merit: 250


Join @Bountycloud for the best bounties!


View Profile
February 19, 2019, 11:21:30 AM
 #2

Metacert is now a paying subscription but for $5 or more a month, it will save you from a phishing attack, sometimes it's hard to detect the right one from the wrong one and of course, only download from official sites, some duplicate download sites are injected with redirection.

    █▄       ▄                                            ████     ▐███▌                                                  
    ▐████▄ ▄██                                           █████     ████▌
    ▐█████████▌                                          █████     ████
▄▄▄▄▄███████  ▄▄▄▄▄▄▄▄                                   █████    █████                                 █████
  ▀█████▀▀  ▄██████████▄                   ████     ▄██████████████████████                             █████
    ▀▀  ▄▄██████████████                  █████     ██████████████████████                             ▄█████
    ▄██████▀██▀█████████     ▄██████   ▄██████████      ████     █████          ▄████████    ▄██████▄  █████  █████
    █████▀▀ ▀▀ ▀██████    ▄███████████ ███████████     ▐████     █████       ▄███████████  ██████████  ██████████████
    ███████ █ ██████    ▄█████▀ ▐█████  ▐█████         █████     █████      ▄██████▀ ████ █████▀  ▀██  ██████████████
    █████▄  ▄ ▄▄██████▌ ██████████████  ██████    ██████████████████████▄ ▄█████    █████ ████████     █████    █████
   ▐██████ ██ █████████ ████████████    █████▌    ▀██████████████████████ █████    ██████  ██████████ ▄████▀   ▄█████
   ████████████████████ ██████          █████          ████     █████     █████▄  ███████      ██████ █████    ██████
   ██████████████████   █████████████  ████████      ▄████    ▐████▌     ██████████████  ███████████ █████    █████
   ████████████████▀      ██████████     ███████▀     ████▀     ████▌     ████████▌ ███  ▀████████   █████    █████
|
  Bet on Future Blocks & Earn a Passive Income
         Supports Bitcoin, Ethereum, EOS and more!   
   🎰 Play Lottery
🎲 Play Dice
🍀Get Referral Bonus
    ▄████████▄
  █████▀█▀██████
 ████▄  ▄  ▀█████
██████▌ ▀▀▀ ▄████▌
██████▌ ███  ████▌
 ████      ▄▄████
  █████▄█▄█████▀
    ▀▀██████▀▀
    ▄▄███████▄
  ▄█████████████
 █████████▀ ▀▀███▄
▐███▌   ▀    ▐████
▐████        █████
 █████▀    ▄█████▀
  ▀█████████████
    ▀▀███████▀
   ▄▄███████▄▄
 ▄█████████████▄
▄████████▀▀   ███
████▀▀  ▄█▀  ████
██▄▄ ▄█▀     ████
▀█████      █████
 ▀████▄███▄ ███▀
    ▀███████▀
Theb
Sr. Member
****
Offline Offline

Activity: 924
Merit: 377



View Profile
February 19, 2019, 11:56:30 AM
 #3

Here is the message being broadcasted to the older versions of Electrum:


I found this on the issues tab of Electrum in Github, and it looks like users using an older version of Electrum who are trying to send Bitcoin will receive this message at the same time their transaction won't be created. Electrum has been in similar attacks with their software before but this one is unique on how they try to infiltrate their users, the good thing is Electrum is quick to act and I know see on their website that they have announced the current situation.

FORTUNEJACK
      ▄▄███████▄▄
   ▄████▀▀ ▄ ██████▄
  ████ ▄▄███ ████████
 █████▌▐███▌ ▀▄ ▀█████
███████▄██▀▀▀▀▄████████
█████▀▄▄▄▄█████████████
████▄▄▄▄ █████████████
 ██████▌ ███▀████████
  ███████▄▀▄████████
   ▀█████▀▀███████▀
      ▀▀██████▀▀
         
         █
...FortuneJack.com                                             
...THE BIGGEST BITCOIN GAMBLING SITE
       ▄▄█████████▄▄
    ▄█████████████████▄
  ▄█████████████████████▄
 ▄██
█████████▀███████████▄
██████████▀   ▀██████████
█████████▀       ▀█████████
████████           ████████
████████▄   ▄ ▄   ▄████████
██████████▀   ▀██████████
 ▀██
█████████████████████▀
  ▀██
███████████████████▀
    ▀█████████████████▀
       ▀▀█████████▀▀
#JACKMATE
WIN 1 BTC
▄█████████████████████████▄
███████████████████████████
███████████████████████████
██████████▀█████▀██████████
███████▀░░▀░░░░░▀░░▀███████
██████▌░░░░░░░░░░░░░▐██████
██████░░░░██░░░██░░░░██████
█████▌░░░░▀▀░░░▀▀░░░░▐█████
██████▄░░▄▄▄░░░▄▄▄░░▄██████
████████▄▄███████▄▄████████
███████████████████████████
███████████████████████████
▀█████████████████████████▀
hugeblack
Hero Member
*****
Offline Offline

Activity: 686
Merit: 521


Not your code, Not your Coins, Dld FULLNODE wallet


View Profile
February 19, 2019, 07:18:36 PM
 #4

the good thing is Electrum is quick to act and I know see on their website that they have announced the current situation.
Not only that, but the fame of this wallet makes any hack under the radar is easy to identify and reveal, especially in this forum or reddit.com/r/Bitcoin.
I have read about this attack a few days ago so I do not expect the impact of many users.
generally, thanks to everyone who contributed to the warning others.

Also, traditional tips help to avoid a lot of stuff.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!