Bitcoin (BTC) thieves are amassing a fortune in stolen crypto funds – using a devious Electrum wallet exploit that allegedly tricked one user out of a staggering BTC 1,400 (USD 16.1m).
Per a report from ZDNet, criminals have developed an “attack pattern that has been reused in multiple campaigns over the past two years,” amassing a total of USD 22m.
On the Bitcoin Abuse Database website, a number of users posted similar complaints about one wallet holder with the address bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny (data viewable here, via Blockchain.com), with one writing,
“Electrum version 3 asks to be updated, in a seemingly genuine way, from the program. Transaction impossible without the update. Downloaded electrum 4.0.0. exe which has no signature and is marked as malware by Avast. As a result, approved transactions are redirected to the above address and the amount is corrected to all wallet content (minus transaction fee). Please boycott that address.”
The wallet holder in question has received over BTC 1,509 – but has apparently taken care to keep the crypto moving, sending almost the same amount off to other addresses.
ZDNet claimed it had identified tracked “multiple Bitcoin accounts where criminals have gathered stolen funds from attacks they carried out over the course of 2019 and 2020,” adding that the latest attacks had taken “as recently as September 2020.”
The users claim they were presented with an apparent pop-up window asking them to download a software update for the wallet in order to complete transactions. This is part of a phishing attack that eventually prompts users to send their funds to what appears to be a series of scammers’ wallets.
The same user who claims they lost BTC 1,400 in the bogus update scam expanded on the matter on a Github thread, with one developer writing,
“Electrum doesn’t have a bug that can be exploited, it cannot be controlled remotely. It has no open vulnerability that can cause loss without a user’s action. Electrum was no more ‘hacked’ or ‘exploited’ than Gmail, Yahoo, Outlook and all financial institutions (banks, etc.) as well as various other online services are every day.”
Hackers Set Sights on Over USD 700m Bitcoin Wallet That Might Also Be Empty
Trezor Fixes New Vulnerability, KeepKey Working On It; New Malware Targets Wallets
Personal Data Leaks In Crypto Are Inevitable, Here’s What Can Be Done
Discovered Vulnerability Made Ledger to Choose Between ‘Security and Usability’