Electrum, the Bitcoin wallet service provider, is experiencing a massive attack on its servers. In a tweet on April 7th, Electrum said it is facing an ongoing Denial-of-Service (DoS) attack on its servers and urged clients to use only the updated version of the wallet to prevent their crypto holdings from being stolen.
The DoS attack is designed to trick users into installing a malicious version of the software, giving attackers full access to the user's crypto wallet. According to thenextweb.com, the stolen amount is currently running into millions of dollars.
A sophisticated botnet of more than 140,000 machines has launched the DoS attack, directing users to the compromised version of the software. The attack, which began a week ago, is flooding the Electrum servers with 25 GB per second of traffic.
After syncing with a malicious Electrum server, users are directed to update their wallet to the hacked version, resulting in the immediate loss of the funds held in the previous version.
Lead Electrum developer Thomas Voegtlin said that they are working to mitigate the danger in the coming hours or days. He said that users who downloaded Electrum long ago and have not updated since are at the highest risk.
As a countermeasure, Electrum has stopped supporting software versions older than 3.3, which can no longer connect to public servers. Users of those versions must upgrade their wallet to the latest version to avoid getting scammed, and Electrum urged users not to download Electrum software from any source other than electrum.org. It has also urged users to disable the auto-connect feature and select their server manually.
“With the benign servers down due to the attack, there’s a strong likelihood of people connecting to the malicious ones.”
“Original versions of the attack used modified Electrum servers, abusing a bug in the Electrum wallet, to send messages telling users that they need to upgrade their software to a malicious version. These were originally tackled by using Google’s SafeBrowsing service to make them inaccessible to possible victims.”
At present, around 200 domains are hosting the Electrum malware, and because of the time Google needs to update its SafeBrowsing database, blacklisting malicious servers has become ineffective.
This is not the first time Electrum servers have come under attack: back in December 2018, a similar attack led to the loss of $937,000 worth of Bitcoin.