Ever since the first cryptocurrency entered the market, cybercrime has been one of the most serious threats facing the budding industry. That’s one reason crypto users should always be on the lookout to identify and dodge devious schemes to defraud them of their digital assets. However, the crooks sometimes succeed, leading to losses. The latest incident involves the Electrum wallet.
Apparently, the hackers targeted Bitcoin holders, which makes sense given that Bitcoin is the most valuable crypto in the market. Electrum is a popular Bitcoin wallet, so the attackers seem to have had an easy time fishing for prey. They ended up getting away with over 200 Bitcoin tokens worth upwards of $700,000.
The hackers launched their attack on Friday 21st December and continued until GitHub halted their activities. As of now, the attackers are no longer active. Initially, GitHub, whose network the hackers’ servers had penetrated, didn’t divulge information about the attack since the company had already dealt with and stopped the hack.
How Did They Do It?
It may sound like admiration, but one thing about crypto hackers is that they’re always devising new ways to steal from people. They scour systems looking for flaws to exploit, and once they identify a weakness, all hell breaks loose. In fact, there have been numerous reports of hackers even making their digital way into exchanges and stealing crypto.
In this case, the hackers managed to sneak several of their servers into the Electrum network. The malicious servers would throw an error every time a user tried to conduct a transaction, and then they would send out a GitHub link directing the user to upgrade their wallet. Turns out, the link led to an infected app that, once downloaded and launched, would request a 2FA code from the user. The account details given would then be used to fraudulently send the user’s crypto holdings to the attacker’s address.
Expect Another One
The 200 BTC hack has been stopped, but Electrum expects the attackers to be back since about 33 of the servers in question are still active on its network. They could use a different GitHub repository to stage their next attack. However, Electrum has since updated its wallet app to ensure fake messages don’t appear as legitimate formatted text. This way, users can easily recognize them. The company is yet to disclose what it plans to do with the 33 servers.
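The wallet-side mitigation described above, showing text that comes from a server only as untrusted plain text, can be sketched as follows. This is an added example, not Electrum's code: the function name, the length cap and the sample message are assumptions made for illustration.

```python
import html
import re

# Added illustration; names and limits are assumptions, not Electrum's code.
URL_RE = re.compile(r"\b(?:https?://|www\.)[^\s<>\"']+", re.IGNORECASE)
TAG_RE = re.compile(r"<[^>]+>")
MAX_LEN = 200  # assumed cap on how much server text is shown

# Constructed sample of a server error that poses as an upgrade notice.
SAMPLE = ('<b>Error:</b> outdated wallet.\nDownload the security update from '
          '<a href="https://example.invalid/electrum-update">here</a>')


def render_server_error(raw: str) -> dict:
    """Turn an untrusted server error string into safe plain text."""
    # Replace control characters and collapse whitespace so the message
    # cannot fake paragraph breaks or dialog layout.
    text = "".join(ch if ch.isprintable() else " " for ch in raw)
    text = " ".join(text.split())

    had_markup = bool(TAG_RE.search(text))
    urls = URL_RE.findall(text)

    # A transaction error never needs to carry a download link, so drop it.
    text = URL_RE.sub("[link removed]", text)
    # Truncate before escaping so no HTML entity is cut in half.
    text = text[:MAX_LEN]

    return {
        # Escaped so a rich-text widget shows tags literally, not rendered.
        "display": "Message from server (untrusted): " + html.escape(text),
        # Markup or links in an error reply are a signal worth logging.
        "suspicious": had_markup or bool(urls),
        "urls": urls,
    }


if __name__ == "__main__":
    result = render_server_error(SAMPLE)
    print(result["display"])
    print("suspicious:", result["suspicious"], "urls:", result["urls"])
```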