Malware operators are targeting unsuspecting crypto users through an Electrum Wallet scam that asks for their credentials. The malicious actors are targeting users who are still running an older version of Electrum.
The attackers find victims by using fake Electrum servers to send popup messages to people using the old version of the wallet. These popups encourage people to install fake updates, which give the attackers access to the victims' computers and wallet credentials.
Electrum Wallet scam
The fake updates, prompted by the popup notifications, trick victims into installing malware on their device. The attackers use servers to send these notifications directly through.
Once the install has finished, the application asks the user for a one-time password (OTP). By entering this code, the user grants the attacker permission to drain funds from their wallet.
According to business technology website ZDNet, the attackers have already managed to accumulate $22 million through the Electrum Wallet scam. This was estimated by looking at the attackers’ wallet address. The address holds 1980 BTC, worth around $22.5 million at the current trading price.
ZDNet revealed that this phishing technique first emerged in December 2018. Since then, it has been used across multiple campaigns to defraud crypto investors.
The website tracked multiple criminal wallets that stored these stolen cryptocurrencies during 2019 and 2020. The attacks continued throughout this period, with some taking place as recently as last month.
Many Electrum users confirmed this study on Bitcoin abuse portals. They reported that their Electrum Bitcoin wallet application received an update request, after which their wallets were drained of funds. The funds were sent to the attackers’ address.
Cybercriminals have been using a loophole in the way Electrum wallets operate that allows them to set up servers and wait for users to randomly connect to their network.
When this happens, the attacker is able to send popup messages to the user and promote the Electrum wallet scam.