Electrum Wallet Phishing Attackers Steal USD 22M in Bitcoin – Report

Bitcoin Scam Security Wallet
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Last updated:
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Author
Tim Alper
Author Categories
About Author

Tim Alper is a British journalist and features writer who has worked at Cryptonews.com since 2018. He has written for media outlets such as the BBC, the Guardian, and Chosun Ilbo. He has also worked...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

Bitcoin (BTC) thieves are amassing a fortune in stolen crypto funds – using a devious Electrum wallet exploit that allegedly tricked one user out of a staggering BTC 1,400 (USD 16.1m).

Source: Adobe/Maksim Kabakou

Per a report from ZDNet, criminals have developed an “attack pattern that has been reused in multiple campaigns over the past two years,” amassing a total of USD 22m.

On the Bitcoin Abuse Database website, a number of users posted similar complaints about one wallet holder with the address bc1qcygs9dl4pqw6atc4yqudrzd76p3r9cp6xp2kny (data viewable here, via Blockchain.com), with one writing,

“Electrum version 3 asks to be updated, in a seemingly genuine way, from the program. Transaction impossible without the update. Downloaded electrum 4.0.0. exe which has no signature and is marked as malware by Avast. As a result, approved transactions are redirected to the above address and the amount is corrected to all wallet content (minus transaction fee). Please boycott that address.”

Source: www.bitcoinabuse.com

The wallet holder in question has received over BTC 1,509 – but has apparently taken care to keep the crypto moving, sending almost the same amount off to other addresses.

ZDNet claimed it had identified tracked “multiple Bitcoin accounts where criminals have gathered stolen funds from attacks they carried out over the course of 2019 and 2020,” adding that the latest attacks had taken “as recently as September 2020.”

The users claim they were presented with an apparent pop-up window asking them to download a software update for the wallet in order to complete transactions. This is part of a phishing attack that eventually prompts users to send their funds to what appears to be a series of scammers’ wallets.

The same user who claims they lost BTC 1,400 in the bogus update scam expanded on the matter on a Github thread, with one developer writing,

“Electrum doesn’t have a bug that can be exploited, it cannot be controlled remotely. It has no open vulnerability that can cause loss without a user’s action. Electrum was no more ‘hacked’ or ‘exploited’ than Gmail, Yahoo, Outlook and all financial institutions (banks, etc.) as well as various other online services are every day.”

___
Learn more:
Hackers Set Sights on Over USD 700m Bitcoin Wallet That Might Also Be Empty
Trezor Fixes New Vulnerability, KeepKey Working On It; New Malware Targets Wallets
Personal Data Leaks In Crypto Are Inevitable, Here’s What Can Be Done
Discovered Vulnerability Made Ledger to Choose Between ‘Security and Usability’

More Articles

Blockchain News
Japan’s SBI Posts Record Crypto Profits; Aims for Nation’s First USDC Listing
Tim Alper
Tim Alper
2025-02-09 23:30:00
Price Analysis
Price Breakthrough Forecast: The Next XRP Rally Could Be Here Soon
Arslan Butt
Arslan Butt
2025-02-09 14:21:48
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors