Electrum Wallet Attack May Have Stolen As Much as 245 Bitcoin

A phishing attack on the Electrum wallet network has reportedly managed to steal bitcoin worth over $800,000.

AccessTimeIconDec 28, 2018 at 11:02 a.m. UTC
Updated Sep 13, 2021 at 8:42 a.m. UTC
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.

A phishing attack on the Electrum wallet network has possibly managed to steal around 245 bitcoins, worth over $880,000 at today's prices.

Warning of the attack on Thursday, the firm tweeted: “There is an ongoing phishing attack against Electrum users. Our official website is https://electrum.org Do not download Electrum from any other source.”

The bad actor set up the attack by creating multiple fake servers on the Electrum wallet network. As a result, when wallet users that connected to those servers attempted to broadcast a bitcoin transaction, they received an error message providing a malicious link to malware disguised as an updated wallet, the firm explained on its Github page.

Electrum said that "To make the attack more effective, the attacker is creating lots of servers (sybils), hence increasing the chance a client would connect to him."

CoinDesk - Unknown

Fake alert created by the attacker (via Electrum GitHub page)

A Reddit user posted a bitcoin address Thursday that they said the attacker is using to consolidate the stolen cryptocurrency from several addresses used in the attacks. If true, 245 BTC have been taken in this attack, an amount worth $884,000 at press time.

Electrum has moved to mitigate the problem and has released a new version of its wallet 3.3.2, it said on the Github page, adding that “This is not a true fix, but the more proper fix of using error codes would entail upgrading the whole federated server ecosystem out there.”

The firm explained:

“We did not publicly disclose this until now, as around the time of the 3.3.2 release, the attacker stopped; however they now started the attack again.”

Instances of cryptocurrency hacks are fast on the rise as criminals seek an easy path to rich rewards.

According to a recent report from blockchain security firm CipherTrace, nearly $1 billion in cryptos have been stolen so far this year. Another report from McAfee showed that there were nearly four million new mining malware threats in the third quarter of 2018 alone, compared to less than 500,000 in 2017 and 2016.

Hacker image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.