Electrum, the popular wallet used to store Bitcoins, was recently reported to be under attack on its servers. Hackers are trying to compromise the servers and steal the funds of users who run an old version of the Electrum wallet by sending them a malicious update that delivers a compromised version of the Electrum wallet from the hacker’s website.
Fake Electrum update. Source: Malwarebytes
In a tweet a few days ago, the Electrum team reported that their servers were under a DoS attack and told users to be careful when they connect the wallet to the servers.
Electrum servers are currently under a DoS attack. We are working on a more robust version of the electrum server. In the meantime, affected users should disable auto-connect, and select their server manually.
— Electrum (@ElectrumWallet) April 7, 2019
The news quickly spread across the web, and a Reddit thread has information about the problem.
A Reddit user commented:
Please be patient trying to find a server that works for you (disable auto-connect doing so). Do not download alternative Electrum versions from random sites stating they will fix this issue – those are by scammers trying to steal your coins!
Update: The botnet has a range of 150-300k unique IPs hammering all servers on the application level. The attacker is resourceful and is running custom code on the zombies, which is fairly uncommon. It leads me to believe the botnet is not rented but under direct control of the attacking entity.
I think the motivation of the attack on legitimate servers is so people running older versions of electrum keep using their old version. This way they stay on a scammer server and are asked to upgrade from a malware site upon sending a transaction. Please make sure to only use the official site stickied at the top by BashCo.
A security analyst told Hard Fork that if those malicious versions of Electrum get installed, all the funds on those old versions will be immediately lost.
“The total amount stolen is in the millions of dollars so far, with a single person alone losing almost $140,000, based on our analysis,” they said. “The DoS attacks are a new level, which only began about a week ago. People have seen 25 Gigabits per second worth of traffic being flooded at community run servers.”
Hacks are common in cryptocurrency: it is a new technology, most people neglect the security of their crypto wallets, and hackers have big incentives to target wallets because of the high value cryptocurrencies have gained in recent years. It is better to use a hardware cold wallet that is not connected to the internet, such as the Ledger Nano S or Trezor.