
The number of infected Electrum wallets has reached 152,000 following an ongoing Denial-of-Service (DoS) attack on its servers. The development was reported by anti-malware software firm Malwarebytes in a blog post on April 29.
Malwarebytes discovered that the number of infected machines in the botnet has reached as many as 152,000, with the volume of stolen funds increasing to $4.6 million. The company managed to pinpoint a loader dubbed Trojan.BeamWinHTTP, which is also involved in downloading the previously detected Electrum DoSMiner.
The largest concentration of the bots is reportedly located in the Asia Pacific region, and Peru, with the botnet that is attacking the Electrum infrastructure constantly growing.
In early April, Cointelegraph reported that the ongoing DoS attack on the Electrum network was allegedly launched by a malicious botnet of more than 140,000 machines, aiming to steal users’ funds by referring them to fake versions of Electrum software.
As reported, the attackers set up their own Electrum servers hosting compromised Electrum versions in order to carry out the attack. After users sync their vulnerable Electrum client with a malicious server, they are directed to “update” their client with a hacked version, which leads to an immediate loss of the funds that were contained in the old versions.
Last December, the hack let a malicious party steal almost 250 bitcoin (about $937,000 at the time). Affected users reported trying and failing to log in to their wallets after providing their two-factor authentication code — something Electrum did not in fact request during login. The hackers then emptied the balance.
Earlier in April, hardware manufacturer Ledger reported malware targeting its desktop application. The malware locally replaced the Ledger Live desktop app with a malicious one, infecting only Windows machines. Ledger further noted that the malware cannot compromise users’ computers or digital currency, but only represents a phishing attack in a bid to lure users to enter their 24-word recovery phrases.
Published at Mon, 29 Apr 2019 21:08:30 +0000
