Subscribe to our Telegram channel to stay up to date on the latest crypto and blockchain news.
According to ZDNet, owners of the Electrum cryptocurrency wallet received a sudden fake update request via a popup message. The notification arrived as an error message for the transaction. After updating the wallet, the victims noticed their funds were immediately stolen and sent to an attacker's address.
ZDNet claims the hacker's method is still viable due to Electrum's backend infrastructure. Electrum's open ecosystem allows anyone to set up an ElectrumX gateway server. Starting from 2018, bad actors have been using this technique to spin up malicious servers and wait for users to connect to their systems, ZDNet states.
Once the connection is established, the hacker uses the server to show a notification on the victim's screen.
ZDNet estimates at least 1980 BTC stored on fake wallets (approx. $23 million at press time).
iHodl already reported that hackers stole 1,400 BTC ($16.1M) from an investor who stored assets in the Electrum wallet since 2017. A user under the pseudonym 1400BitcoinStolen said on GitHub he had stored his cryptos in the wallet, which he had not assessed since he bought the coins.
Access more than 50 of the world's financial markets directly from your EXANTE account – including NASDAQ, London Stock Exchange and Tokyo Stock Exchange.