The attack on Electrum servers seems to be over

[djhomeschool]

I have no problems anymore, everything running smooth again and synchronizing fast and without problems.

Is the attack over?

[1715440455]

1715440455

[1715440455]

1715440455

[1715440455]

1715440455

[Pmalek]

At the moment there is no official announcement from Electrum on their Twitter or Reddit pages. The official site offers no information that the attack is over either.
https://twitter.com/ElectrumWallet
https://www.reddit.com/r/Electrum/

[HCP]

I wouldn't be confident enough to say it is "over"... I suspect that IP list of the DDoS botnet that got released (and was constantly being updated) might have mitigated the attack to the point that the network is more or less running "OK".

No doubt it is quite expensive trying to spool up more and more devices as they are constantly being rendered useless.

I'd be more prone to say that this "round" is over...

[anu1908]

my electrum is running smoothly since yesterday even though i've used automatic selection. but that's not a guarantee that the same attack or problems happen in the future unless there's an official fix to prevent such thing from happening. so far, afaik electrum node runner has mitigated this problem with blocking the ip addresses that were used to attack their server as hcp mentioned so that's probably the reason why it seems the attack was stopped.

[moha sasa]

- I have a question, what is to be gained from such an attack!!??

+ Thanks in advance.

[TryNinja]

- I have a question, what is to be gained from such an attack!!??

+ Thanks in advance.

Quoting my post in another thread:

I assume they are attacking the Electrum's servers so their malicious ones can be the only ones working. The user will try servers/close and reopen Electrum until one synchronizes (the bad one), which will give him the “please update” fake message. Obviously this only works in old versions, but the servers are the same, so we all can feel the attack.

This just increases the chances of a uninformed user getting phished.

[Abdussamad]

They probably moved on to targeting altcoin clients.

[hugeblack]

I assume they are attacking the Electrum's servers so their malicious ones can be the only ones working. The user will try servers/close and reopen Electrum until one synchronizes (the bad one), which will give him the “please update” fake message.

[/quote]
Many people are still on older versions.
If this is true and there is a profit from these attacks do not expect to disappear soon.
There will be tours that will continue from time to time until profits reach zero.

Also, do not rule out attacks because of trying to distorting electurm wallet reputation for another new rising wallets. <I do not expect that is the reason this time.>

[NeuroticFish]

what is to be gained from such an attack!!??

Many people are still on older versions.

And this is a big problem, because versions older than 3.3 would only connect to the bad servers and will also show the scammy update message.
This is what they gain from the attack: still real chances to catch uninformed users update to their clone of Electrum.

[Artemis3]

With Electrum server nature which allow anyone to connect (exception for blacklist known IP used for DDoS/malicious acitivty), it's over for now.

Attacker will find another way as long they have money and will to do it.

Out of fun these days i decided to run my own Electrum server, since i have a full bitcoin node synced and all... And i got one called "Electrum Personal Server", Lo and behold, it made the Electrum wallet work like Bitcoin Core or better. So if the public servers go down i could always use mine now. Next i could try running Electrumx or the other one, not sure which is better, but if i do, i would run it only over tor as a hidden service...

[pooya87]

With Electrum server nature which allow anyone to connect (exception for blacklist known IP used for DDoS/malicious acitivty), it's over for now.

Attacker will find another way as long they have money and will to do it.

Out of fun these days i decided to run my own Electrum server, since i have a full bitcoin node synced and all... And i got one called "Electrum Personal Server", Lo and behold, it made the Electrum wallet work like Bitcoin Core or better. So if the public servers go down i could always use mine now. Next i could try running Electrumx or the other one, not sure which is better, but if i do, i would run it only over tor as a hidden service...

it probably is better if you run ElectrumX since it is the most used and because of that it has least amount of bugs. but you shouldn't ignore the alternatives either. the only thing to consider when running an alternative is to check if it is actually an "alternative implementation" or is it the same thing translated into another programming language or if it is a simple wrapper around the main one with additional features.