Crypto wallet update scam nets criminals more than $22 million

Cybercriminals are reportedly tricking owners of Electrum wallets into installing malware so they can steal user funds, according to a ZDNet report. So far, more than $22 million has been stolen per the outlet’s investigation.

The scam involves sending fake updates to wallet owners. This tactic was first noticed in December 2018. Since then, thieves have reused the attack pattern in multiple campaigns over the past years, with some attacks taking place as recently as last month.

How it works

The heist begins when users of the Electrum crypto wallet app receive an unexpected update request via a pop-up message. They update their wallet, then discover that the funds contained within were stolen and sent to the attacker’s BTC account.

This attack method works because of the inner workings of the Electrum wallet app and its backend infrastructure.

Developers designed Electrum wallets to connect to the BTC blockchain to process any transactions. The wallets connect through a network of Electrum servers known as ElectrumX.

While some crypto wallet services control who can manage these servers, Electrum is an open ecosystem where anyone can set up an ElectrumX gateway server. Since 2018, the bad actors have been abusing this system to spin up malicious servers and wait for unsuspecting users to randomly connect to them.

Once this happens, the attackers instruct the server to show a pop-up on the user’s screen. The pop-up leads the victim to a URL where they download and install an Electrum wallet app update. The URL turns out to be on a lookalike domain impersonating the official Electrum website or its GitHub repositories.

If users do not confirm that the URL is electrum.org, they end up unwittingly installing a malicious version of the Electrum wallet.
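The URL check described above can be made mechanical. The following is an added example, not code from Electrum or from the report: it classifies every URL found in a server-pushed message against an allowlist. The function names, the `.example` domains and the sample message are constructed for illustration, and the GitHub owner/repo path in the allowlist is an assumption, since the article names only electrum.org.

```python
import re
from urllib.parse import unquote, urlsplit

# Allowed download locations as host -> required path prefix. electrum.org is
# the site named in the article; the GitHub owner/repo path is an assumption
# made for this example.
OFFICIAL = {"electrum.org": "/", "github.com": "/spesmilo/electrum"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def classify_url(url: str) -> str:
    """Return 'official', or the reason the URL must not be trusted."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return "unparseable"
    if parts.scheme != "https":
        return "not-https"
    if parts.username is not None:            # https://electrum.org@other.example/
        return "userinfo-trick"
    host = (parts.hostname or "").rstrip(".")
    if not host.isascii() or "xn--" in host:  # homoglyph / punycode lookalike
        return "idn-lookalike"
    host = host[4:] if host.startswith("www.") else host
    prefix = OFFICIAL.get(host)               # exact match, never a substring test
    if prefix is None:
        return "unknown-host"
    path = unquote(parts.path).lower() or "/"
    if ".." in path.split("/"):               # browsers collapse dot segments
        return "path-traversal"
    if prefix != "/" and path != prefix and not path.startswith(prefix + "/"):
        return "wrong-repo"                   # right site, different owner
    return "official"


def assess_server_message(text: str) -> list:
    """Classify every URL in a message pushed to the wallet by a server."""
    urls = (u.rstrip(".,;:!?)") for u in URL_RE.findall(text))
    return [(u, classify_url(u)) for u in urls]


# Constructed sample of the kind of pop-up text the article describes.
SAMPLE = ("Security update required. Download from "
          "https://electrum.org.downloads.example/update now, or see "
          "https://github.com/example-owner/electrum/releases.")

if __name__ == "__main__":
    for url, verdict in assess_server_message(SAMPLE):
        print(f"{verdict:15} {url}")
```

The check fails closed: anything that is not an exact host match over HTTPS is reported with a reason rather than being accepted.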

The next time the user tries to use the wallet, it will uncharacteristically ask for a one-time passcode (OTP). Normally, the code is requested only before sending funds and not at the wallet’s startup. If users enter the requested code without thinking, they have given the malicious wallet official approval to transfer all of their funds to an attacker’s account.

The report tracked down multiple crypto accounts where thieves have allegedly gathered the funds stolen in these heists. These wallets hold 1,980 BTC, which is more than $22 million in fiat currency. A significant portion of those funds appears to have been stolen during one event in August, when one unlucky victim reported losing 1,400 BTC (~$15.8 million) after updating an Electrum wallet.

The Electrum team has taken many steps to mitigate this attack. They implemented a server blacklisting system on ElectrumX servers to prevent malicious additions to their networks. They also shipped an update that stops servers from showing HTML-formatted pop-ups to end users.

Nonetheless, a malicious server can still slip through the cracks, and the attack continues to work well against those using older versions of the Electrum wallet app to manage funds.
