TrustMarketHub

SCAMS & FRAUDS REPORTING HUB => General Scam Reports => Topic started by: TrustMarketHub on

Title: Phishing Attacks hits Electrum and MyEtherWallet wallets users
Post by: TrustMarketHub on
On Feb. 4, the team behind MyEtherWallet tweeted a warning about a phishing email that was sent to users, asking them to divulge personal information:

Attention #MEWfam,

There's another phishy email going around asking users to give up personal information. Don't believe the hype!

#1. We will never email you first (only reply to support).
#2. We will never ask for your private key (or other sensitive info).
#3. Be skeptical! pic.twitter.com/654TLIt5ar

— MyEtherWallet.com (@myetherwallet) February 4, 2019

One user on Reddit found that a phishing scam attempting to steal sensitive data from Electrum customers was posing as a security update. Redditor exa61 posted a picture of a system message, allegedly from Electrum wallet, requiring a security update to Electrum 4.0.0, while the latest version of the wallet is currently Electrum 3.3.3.

The latest version of Electrum (version 3.3.3) will notify users when a new release of Electrum is available. Release announcements are signed by us, and verified by Electrum using a hardcoded Bitcoin address. This feature is optional and can be disabled.

In the thread, one user pointed out that it was “the second cluster of reports of the same phishing, and the first one was at the end of December 2018,” adding that the would-be hacker could have “100 GitHub accounts.”

Electrum subsequently published a warning on their website, notifying that “versions of Electrum older than 3.3.3 are vulnerable to a phishing attack, where malicious servers are able to display a message asking users to download a fake version of Electrum.” The company warned its users to not download software updates from other sources.

Recently, an unidentified hacker or hacker group purportedly detected a security vulnerability in the LocalBitcoins forum and linked it to a phishing forum. In a Reddit post published by the community manager, LocalBitcoins claimed that the identified vulnerability had been contained in third-party software, and confirmed six known cases of users being affected.