An ongoing attack against Electrum Bitcoin wallets has just grown bigger and stronger with attackers now targeting the whole infrastructure of the exchange with a botnet of over 152,000 infected users, raising the amount of stolen users’ funds to USD 4.6 million.
Electrum has been facing cyber attacks since December last year when a team of cybercriminals exploited a weakness in the Electrum infrastructure to trick wallet users into downloading the malicious versions of the software.
In brief, the attackers added some malicious servers to the Electrum peer network which were designed to purposely display an error to legitimate Electrum wallet apps, urging them to download a malicious wallet software update from an unofficial GitHub repository.
The phishing attack eventually allowed attackers to steal wallet funds (almost 250 Bitcoins that equals to about $937,000 at the time) and take full control over the infected systems.
To counter this, the developers behind Electrum exploited the same technique as the attackers in order to encourage users to download the latest patched version of the wallet app.
“Electrum clients older than 3.3 can no longer connect to public electrum servers. We started exploiting a DOS vulnerability in those clients, in order to force their users to upgrade and to prevent exposure to phishing messages. Linux Tail users should download our Appimage,” Electrum developers tweeted in March.
images from Hacker News