Cybercrime gangs have stolen over $22M from users of the Electrum Bitcoin wallet through a fake app update scam, according to an investigation. The criminals then transferred the stolen funds to several Bitcoin accounts that now contain 1980 BTC.
Many of the funds were stolen in a single incident in August, when an Electrum BTC wallet user posted on GitHub about losing 1,400 BTC after falling for the fake update. Additionally, a report found that the hackers who stole the 1,400 BTC had a Binance account and that many of the transactions involved in the theft originated in Russia.
The criminals used the same technique repeatedly from December 2018 until their last known attack in September 2020. As the hacks continued, Electrum Bitcoin wallet users also reported the attacks through Bitcoin abuse portals. Victims received an Electrum app update request; after that, the hackers immediately stole the users’ funds and transferred them to an attacker’s Bitcoin account.
Unlike most wallets, Electrum has an “open” ecosystem in which anyone can set up and manage the wallet’s gateway servers, and the hackers have taken advantage of this. The report says that the fake update’s download link does not point to the official Electrum website but to lookalike domains or GitHub repositories. The investigators advised users to pay attention to the URL when receiving update requests and cautioned:
Although this method was first seen in late 2018, the Electrum team has attempted to mitigate these attacks.
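The advice to check the URL in an update prompt can be turned into a mechanical check. The following Python sketch is an added example, not code from the report or from Electrum; the official host `electrum.org`, the repository path `/spesmilo/electrum`, and every sample URL are assumptions to confirm independently.

```python
from urllib.parse import urlsplit

# Assumptions (not from the article): the official site host and GitHub
# repository path. Confirm them independently before relying on this list.
OFFICIAL_HOSTS = {"electrum.org"}
OFFICIAL_REPO = "/spesmilo/electrum"
BRAND = "electrum"


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one- or two-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_update_url(url: str) -> tuple[bool, str]:
    """Return (trusted, reason) for a link offered in an update prompt."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme != "https":
        return False, "not https"
    if parts.username is not None:
        # "https://official-name@other-host/" displays the trusted name first.
        return False, "userinfo before host"
    if not host.isascii() or "xn--" in host:
        return False, "internationalized host"
    if host in OFFICIAL_HOSTS:
        return True, "official host"
    if host == "github.com":
        # Only the project's own repository counts, not any repo named alike.
        path = parts.path.lower().rstrip("/") + "/"
        if path.startswith(OFFICIAL_REPO + "/"):
            return True, "official repository"
        return False, "unofficial GitHub repository"
    # Split on dots and hyphens so "electrum-update" is also inspected.
    for label in host.replace("-", ".").split("."):
        if label == BRAND or 0 < edit_distance(label, BRAND) <= 2:
            return False, "lookalike host"
    return False, "unknown host"
```

Anything other than an exact match on the allow-list is rejected; the reason string only distinguishes why, which is useful when triaging reported links.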