Two users of the Electrum software wallet have recently reported that they lost large sums of Bitcoin (BTC). One victim claimed to have lost 1,400 BTC, which would have a value of $14,595,000, whereas the other lost 36.5 BTC, which is worth $380,512. It seems that the events are connected to a long-standing phishing scam that has plagued users of the Electrum Bitcoin wallet since 2018. Jason Lau, chief operating officer of crypto exchange OKCoin, said that people need to exercise caution when they are handling their own keys, especially when the keys belong to a wallet holding a large amount of cryptocurrency, because this can attract hackers.
He said that in this incident, it appeared that the users were prompted to install an update through a phishing attack, which gave the hacker access to funds and private keys. Phishing scams have become widespread across different types of applications and they continue to get more sophisticated over time. News of a phishing scam affecting the Electrum wallet first surfaced on December 27th, 2018, when almost $1 million was reported stolen. The hack was publicized by a Reddit user, who said that the hacker had set up a number of malicious servers.
Put simply, the hacker’s servers led users to a malicious webpage, where they were prompted to enter their private data. In this way, control of their assets was handed to the party behind the scam. The scam also involved a fake update to the wallet, which downloaded malware onto the users’ devices. In December 2018, there was a total of 243 BTC in the wallet that was reported to be part of the scam. If you check the address today, it shows that a total of 637.44 BTC were added and then taken from the now empty wallet.
The wallet difficulties didn’t let up in the months after the Electrum phishing scam became public. This included a separate denial-of-service attack, which was quite similar to the phishing con of 2018 because it also used phony software updates to lead victims astray. Recently, two additional users of the wallet have reported their cryptocurrency stolen. The one who lost 1,400 BTC said that he hadn’t accessed the wallet since 2017. As per a specific transaction ID, the wallet could have been connected to a Binance exchange account.
However, according to a Binance representative, more than 75 wallet addresses were involved in the transaction ID. The representative also highlighted gray areas and difficulties associated with pegging and tracking transactions due to crypto’s nature and the numerous parties transacting every day. The representative said that the account associated with the stolen 1,400 BTC was also reviewed, but they didn’t find any suspicious indicators. Some of the stolen Bitcoin was also tracked to Russia, although no definite conclusion could be made due to the potential usage of a VPN.