Number of Infected Electrum Bitcoin Wallets Reaches 152,000

Published at: April 29, 2019

The number of infected Electrum bitcoin (BTC) wallets has reached 152,000 following an ongoing Denial-of-Service (DoS) attack on its servers. The development was reported by anti-malware software firm Malwarebytes in a blog post on April 29.

Malwarebytes found that the number of infected machines in the botnet has reached as many as 152,000, with the volume of stolen funds increasing to $4.6 million. The company managed to pinpoint a loader dubbed Trojan.BeamWinHTTP, which is also involved in downloading the previously detected Electrum DoSMiner.

The largest concentration of the bots is reportedly located in the Asia Pacific region, Brazil and Peru, with the botnet that is attacking the Electrum infrastructure constantly growing.

In early April, Cointelegraph reported that the ongoing DoS attack on the Electrum network was allegedly launched by a malicious botnet of more than 140,000 machines, aiming to steal users’ BTC by referring them to fake versions of Electrum software.

As reported, the attackers set up their own Electrum servers hosting compromised Electrum versions to carry out the hack. After users sync their vulnerable Electrum wallet with a malicious server, they are directed to “update” their client with a hacked version, which leads to the immediate loss of the funds held in the old version.

Last December, the hack allowed a malicious party to steal almost 250 BTC (about $937,000 at the time). Affected users reported trying and failing to log in to their wallets after providing their two-factor authentication code — something Electrum did not in fact request during login. The hackers then emptied the wallet balance.

Earlier in April, hardware cryptocurrency wallet manufacturer Ledger detected malware targeting its desktop application. The malware locally replaced the Ledger Live desktop app with a malicious one, infecting only Windows machines. Ledger further noted that the malware cannot compromise users’ computers or digital currency, but only represents a phishing attack in a bid to lure users into entering their 24-word recovery phrases.
