Slashdot Mirror

← Back to Stories (view on slashdot.org)

Users Report Losing Bitcoin in Clever Hack of Electrum Wallets (zdnet.com)

Posted by msmash on from the security-woes dept.

A hacker -- or potentially a group of hackers -- has made over 200 Bitcoin (circa $750,000 at today's exchange) using a clever attack on the infrastructure of the Electrum Bitcoin wallet over the last one week. From a report: The attack resulted in legitimate Electrum wallet apps showing a message on users' computers, urging them to download a malicious wallet update from an unauthorized GitHub repository. The attack began last week on Friday, December 21, and appears to have been temporarily stopped earlier today after GitHub admins took down the hacker's GitHub repository. Admins of the Electrum wallet expect a new attack to soon get underway, with either a new GitHub repo or a link to another download location altogether. This is because the vulnerability at the heart of this attack has remained unpatched, albeit Electrum wallet admins taking steps to mitigate its usability for the attacker.

3 of 72 comments (clear)

  1. LOL ... love these stories ... by Anonymous Coward · · Score: 1, Insightful

    The attack resulted in legitimate Electrum wallet apps showing a message on users' computers, urging them to download a malicious wallet update from an unauthorized GitHub repository.

    You know, after so much hype and bullshit around cryptocurrencies, this shit just makes me laugh.

    You wanted to play in an unregulated financial industry, this is what you get. It's the wild west of scams and idiots, and I have no sympathy for any of them.

    Boo fucking hoo, more cryptocurrency fools have lost their money.

    1. Re:LOL ... love these stories ... by Anonymous Coward · · Score: 2, Insightful

      Then keep playing with it. Personally I'll stick with my bank, my stock broker, and my credit card company. Literally millions of dollars have flowed thru these institutions directly by me and not a single penny has been misplaced over decades. I'll stick with what works for me. And exactly what happened when law enforcement was notified of the hack? Anything? I know if someone robbed me of cash I'd call the police and they would at least try to look for the thief.

    2. Re: LOL ... love these stories ... by Anonymous Coward · · Score: 1, Insightful

      Where are the proper safeguarding instruments for various crypto faux-currency?

      There are none which makes the 99% of crypto nerds who collectively own 1% of crypto faux-coins (the 99% belonging to the Chinese government) incredibly fucking naive. When my bank is robbed I personally lose nothing. When a waiter steals my credit card info I lose nothing. When my crypto faux-coin wallet is ripped off I get wiped out with no recourse.

      Which is the smart way to go and which is dumb?

      Crypto faux-currency serves no real world purpose or role.