The server of the well-known Bitcoin wallet Electrum was severely attacked, and users are advised not to use the trading platform until it is completely repaired. It is reported that a complex botnet that includes 140,000 machines launched Denial-of-Service (DoS) attacks on Electrum's servers.
Electrum servers are currently under a DoS attack. We are working on a more robust version of the electrum server. In the meantime, affected users should disable auto-connect, and select their server manually.
— Electrum (@ElectrumWallet) April 7, 2019
The hacker even deployed their own server that integrates the "backdoor" version of the Electrum client. Once a user successfully synchronizes with a malicious server, the user's client will be upgraded to an Electrum client with a backdoor. A senior security researcher told Hard Fork that if a user installs the problematic version of the Electrum client, all bitcoin funds on the previous version will be migrated.
“The total amount stolen is in the millions of dollars so far, with a single person alone losing almost $140,000, based on our analysis,” they said. “The DoS attacks are a new level, which only began about a week ago. People have seen 25 Gigabits per second worth of traffic being flooded at community run servers.”
Electrum developer Thomas Voegtlin told Hard Fork that there are more than 200 detected domains that seem to host Electrum malware. Unfortunately, because Google takes time to update its SafeBrowsing database, blacklisting malicious servers has become ineffective.