Massive DoS Attack Steals Millions
There is no rest for the wicked as 2019 is already seeing a large number of virtual attacks. On April 7th, it became apparent that the bitcoin wallet service Electrum was facing a Denial-of-Service (DoS) attack.
Electrum servers are currently under a DoS attack. We are working on a more robust version of the electrum server. In the meantime, affected users should disable auto-connect, and select their server manually.
— Electrum (@ElectrumWallet) April 7, 2019
According to unconfirmed information, users have already lost millions of dollars. One particular user has lost more than $140 000 so far.
The attack apparently originated from a malicious botnet of more than 150 000 machines. Their task is simple: steal as much bitcoin as possible by referring users to false versions of the Electrum software. It seems that this DoS attack is quite sophisticated and will take some time to resolve.
The security team has also pointed out that fake servers were created beforehand. These servers are currently used to host false versions of Electrum to prolong the attack as much as possible.
As soon as a user syncs the already vulnerable Electrum wallet with a false server, a short update fully installs the fake version. After the fake version is linked with the client wallet, all funds begin to be drained immediately.
Electrum needs to act fast
The lead developer of Electrum, Thomas Voegtlin, stated that this issue must be resolved as soon as possible. According to him, the biggest risk lies with users who installed Electrum and didn’t patch the software for a while.
The official website even states that any version before 3.3 is unable to connect to the public servers and must be patched. This measure was taken to prevent users from being exposed to phishing messages. It’s also important to note that the website DOES urge users to download Electrum software only from the official source.
Voegtlin wants the issue solved within hours, if not days. While the security team is working on a solution, they have advised users to disable the auto-connect option. For further security, users should manually select their servers. This will allow some users to save their wallets until a more permanent solution is found.
This, unfortunately, is not the first time Electrum has been attacked. Back in December 2018, a similar attack led to a loss of nearly $950 000 worth of Bitcoin. The previous attack used a fake version of the wallet which fooled users into entering their passwords.
Many people have also reported malicious ads for Electrum popping up on major platforms like YouTube and Twitter. According to a World Economic Forum cybersecurity report, most attacks happen due to a lack of security measures. Very rarely is a high-level hacker responsible for such an attack.
Taking into consideration that Electrum has been targeted more than once, it’s safe to assume that the problem lies with the company’s security.