Electrum Botnet Steals $4.6m in Bitcoin From Over 150,000 Victims

The cryptocurrency community remains subject to a lot of potential scams in this day and age. Although that is nothing new, it would appear some of these attacks are a lot more successful than others. One recently discovered “Electrum botnet” has successfully stolen $4.6m worth of Bitcoin from victims in recent months. It is expected over 150,000 users have been infected by this malware already.

Beware of the Electrum Botnet

When it comes to dealing with cryptocurrencies and their associated wallets, nearly all projects have a version of Electrum available to its users. In the case of Bitcoin, it would appear the Electrum wallet has been very popular for some time now, which also makes it a prone target for criminals and individuals with nefarious intentions. It would appear a dedicated botnet is now targeting these users, and is doing so in a rather successful manner as well.

Most of these attacks have been apparent since December of 2018. A bit of odd timing, considering how the Bitcoin price has tanked significantly since late 2017. One would expect criminals to go after users of this wallet when one BTC is valued at $19,000, rather than near the $4,000 range. Even so, a total of roughly $4.6 million has been stolen to date, which further confirms the efforts have paid off in spades already.

The botnet in question operates in a pretty interesting manner.  It would appear the attackers have spun up several malicious Electrum nodes. These malicious nodes display an error to legitimate Electrum wallet apps, telling them to download a new version of the client. While the new client can be downloaded from GitHub, it is not through the official Electrum repository.   Most users should be able to tell the difference right away, but novice wallet users might not be aware of which repository is legitimate.

Related Post

It is evident the Electrum team is all too aware of what is happening tot heir network. In recent times, the team has mimicked the approach by these criminals to display error messages in users’ wallets and force them to update through the legitimate GitHub repository. Moreover, the team has ensured clients on versions before 3.3 can no longer connect to public servers accordingly.

Although the fake upgrade message looks as legitimate as one would expect, it is evident users need to conduct their own research first and foremost. When downloading software updates, it is always best to do so through the official website, rather than following links shared through the application itself. It is a slight workaround, but if it can keep funds safe, users should not be too bothered by this handful of extra steps.

Despite the best attempts by the Electrum team, Malwarebytes has confirmed the number of infected machines running the illegitimate client continues to increase every month. While the numbers tend to fluctuate a bit, it would appear most of the victims reside in the Asia Pacific region, Brazil, and Peru. Additionally, the number of infection vectors remains unclear, as only three of them have been uncovered so far. However, it is expected there could be as many as a dozen vectors or even possibly more.

Disclaimer: This is not trading or investment advice. The above article is for entertainment and education purposes only. Please do your own research before purchasing or investing into any cryptocurrency.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Published by
JP Buntinx

Recent Posts

Crypto Veteran Investor Explains Bollinger Bands and How To Spot Gems Like Cardano and Bitcoin Spark

In the world of cryptocurrency investments, having the right tools and strategies at your disposal…

1 hour ago

October Historically Is A Good Month For Cryptocurrency Market, Here’s Why You Should Buy In Now

October has historically been a good month for Bitcoin and the cryptocurrency market. In the…

4 hours ago

Why THORChain, Tradecurve Markets, The Graph Are Leading the Future of DeFi

The BNB Smart Chain recently launched on top of THORChain (RUNE). Moreover, The Graph (GRT)…

6 hours ago

Chainlink (LINK) vs. Solana (SOL): Everlodge (ELDG) Emerges as the Ultimate High-Reward Alternative

Chainlink (LINK) and Solana (SOL) are two of the most popular blockchain projects, but their…

6 hours ago

A Shift in Power? Pomerdoge (POMD), Toncoin (TON), and Maker (MKR) Claim Top Gainer Status

In a surprising shift of power in the cryptocurrency market, Pomerdoge (POMD), Toncoin (TON), and…

6 hours ago

A Look At Current Social Metrics As $PEPE Leads The Way In The Top 10 Trending Searches On LunarCrush

Social media is a powerful tool for investors of all kinds, but it is especially…

20 hours ago