Hackers steal 200 Bitcoin using a clever attack on the infrastructure of the Electrum Bitcoin wallet
A hacker (or group of hackers) has stolen more than 200 bitcoins, or about $750,000, by attacking the infrastructure of the Electrum Bitcoin wallet. The attacker is exploiting a weakness in the Electrum wallet application. The attack caused legitimate Electrum wallet apps to show a message on users’ computers, urging them to download a malicious wallet update from an unauthorized GitHub repository.
The attacker first added dozens of malicious servers to the network. When a user made a Bitcoin transaction and that transaction passed through a malicious server, the user's wallet received an update notification pointing to the malicious update in the hacker’s GitHub repository. After downloading the malicious update, the user was asked to enter their 2-step authentication code. Once the hacker had stolen the 2-step authentication code, the bitcoin in the user’s wallet could be transferred.
The attack began on December 21st and stopped after GitHub removed the malicious repository. Because the vulnerability has not been fixed, Electrum warns that similar attacks may happen again. “We did not publicly disclose this [attack] until now, as around the time of the 3.3.2 release, the attacker stopped,” said SomberNight, a developer on the Electrum wallet team. “However they now started the attack again.”
Via: ZDNet