Users of Crypto Wallets Electrum and MyEtherWallet Face Phishing Attacks

Published at: Feb. 5, 2019

Users of cryptocurrency wallets Electrum and MyEtherWallet are currently facing phishing attacks, according to posts published on Reddit and Twitter on Feb. 4.

A phishing attack is an attempt to obtain sensitive data like users’ personal or banking information by illicit means, wherein an attacker is disguised as a trusted entity and sends a user a message or an email containing a malicious link. Once clicked, the link asks the user to enter their personal data or initiates the installation of malware.

On Feb. 4, the team behind MyEtherWallet tweeted a warning about a phishing email that was sent to users, asking them to divulge personal information:

Attention #MEWfam,There's another phishy email going around asking users to give up personal information. Don't believe the hype!#1. We will never email you first (only reply to support).#2. We will never ask for your private key (or other sensitive info).#3. Be skeptical! pic.twitter.com/654TLIt5ar

— MyEtherWallet.com (@myetherwallet) February 4, 2019

One user on Reddit found that a phishing scam attempting to steal sensitive data from Electrum customers was posing as a security update. Redditor exa61 posted a picture of a system message, allegedly from Electrum wallet, requiring a security update to Electrum 4.0.0, while the latest version of the wallet is currently Electrum 3.3.3.

The latest version of Electrum (version 3.3.3) will notify users when a new release of Electrum is available. Release announcements are signed by us, and verified by Electrum using a hardcoded Bitcoin address. This feature is optional and can be disabled. https://t.co/Y2DXoUyOgk

— Electrum (@ElectrumWallet) January 26, 2019

In the thread, one user pointed out that it was “the second cluster of reports of the same phishing, and the first one was at the end of December 2018,” adding that the would-be hacker could have “100 GitHub accounts.”

Electrum subsequently published a warning on their website, notifying that “versions of Electrum older than 3.3.3 are vulnerable to a phishing attack, where malicious servers are able to display a message asking users to download a fake version of Electrum.” The company warned its users to not download software updates from other sources.

Recently, an unidentified hacker or hacker group purportedly detected a security vulnerability in the LocalBitcoins forum and linked it to a phishing forum. In a Reddit post published by the community manager, LocalBitcoins claimed that the identified vulnerability had been contained in third-party software, and confirmed six known cases of users being affected.

Tags
Related Posts
Israeli Citizen Accused of Stealing Over $1.7 Million in Crypto
Eliyahu Gigi, a 31-year-old from Tel Aviv, has been charged with stealing over $1.7 billion in a variety of cryptocurrencies. Gigi allegedly stole Bitcoin (BTC), Ethereum (ETH), and Dash (DASH) from users in the Netherlands, Belgium, and Germany. Lawyer Yeela Harel of the cyber department in the State Attorney's Office filed charges against Gigi on July 17, according to a report published the same day by Israeli business outlet Globes. Gigi has reportedly been charged with crimes including theft, fraud, and money laundering, among others. According to the report, Harel’s indictment claims that Gigi set up a network of scam …
Bitcoin / July 19, 2019
Nearly a quarter of unique Bitcoin wallets at a loss amid $15K price dump
Bitcoin (BTC) is down almost 30% in the last seven days, and this dip has triggered an almost commensurate plunge in the percentage of wallets in profit. Data from crypto data provider Glassnode shows that Bitcoin’s price drawdown has led to almost a quarter of unique on-chain entities being at a loss. This situation also bears some parallels to previous extreme downside price action periods that interrupted bullish advances. During the Black Thursday crash of March 2020, unique on-chain entities at a loss also approached the 25% mark as Bitcoin fell almost 50%. Further back, the 2019 rally from the …
Bitcoin / May 19, 2021
Singapore Carpooling App Ryde Launches Wallet for BTC Payments
Singaporean carpooling app Ryde announced the launch of its own cryptocurrency wallet which will facilitate Bitcoin (BTC) payments for its service. In an announcement shared with Cointelegraph on June 17, Ryde claims to be the first and only ride-hailing application to incorporate Bitcoin payments into its ecosystem. The firm’s customers will be able to use Bitcoin to pay their rides starting on June 22. Other cryptocurrencies will follow Ryde’s wallet, RydePay, will allow its users to convert Bitcoin into Ryde coins to top up their balance and pay for their rides. The conversion happens at market rates, with no fees …
Bitcoin / June 18, 2020
Crypto Payment Provider Unveils Partnerships Worth Millions of Euros
A crypto payment infrastructure provider has revealed a new partnership worth millions of euros. Eligma says Bitcoin.com and Switzerland’s Pangea Blockchain Fund have contributed 4 million euros (about $4.4 million) to the continued global expansion of Elipay — infrastructure enabling merchants in brick-and-mortar stores to accept instant payments in a plethora of cryptocurrencies. The company says this makes it one of the few startups from the 2018 public crowdsale period to continuously demonstrate the utility of its token and products. The new round of investment will see Roger Ver, the founder of Bitcoin.com, become an Eligma board member, and a …
Bitcoin / Sept. 6, 2019
California Cybercrime Police Focus on Cryptocurrency SIM Swapping as ‘Highest Priority’
U.S. law enforcement consider so-called “SIM swapping” one of its “highest priorities” in a bid to fight cryptocurrency fraud, security news and investigation blog KrebsonSecurity reported Nov. 7. Speaking to the publication, Samy Tarazi, a police sergeant in Santa Barbara and a supervisor of the REACT Task Force — a group dedicated to fighting cybercrime — said the number of instances of the crime had increased dramatically. “For the amounts being stolen and the number of people being successful at taking it, the numbers are probably historic,” he said. SIM swapping refers to the act of remotely hijacking the SIM …
Bitcoin / Nov. 7, 2018