Nick Chong · 1 day ago · 2 min read
The servers of Electrum, a popular Bitcoin wallet, were under heavy denial-of-service (DoS) attacks Sunday night; The total amount stolen could be in the “millions of dollars” so far. The company advised its users to limit the use of the platform until the issue is resolved, but provided little information on the investigation that’s underway.
Servers of Popular Bitcoin Wallet Under Attack, Millions of Dollars Could be Stolen
Electrum, a hugely popular Bitcoin wallet, is currently under heavy attack. The company announced on Twitter that its servers had fallen victim to heavy denial-of-service (DoS) attacks and that it was working on a more robust version of the Electrum server.
Electrum servers are currently under a DoS attack. We are working on a more robust version of the electrum server. In the meantime, affected users should disable auto-connect, and select their server manually.
— Electrum (@ElectrumWallet) April 7, 2019
Hackers have launched the attack in order to direct users to compromised versions of the server designed to steal their wallet balances.
A security researcher familiar with the technology revealed that if these fake versions of Electrum are installed, all funds contained in the old versions are immediately lost. The unnamed source reportedly told Hard Fork that the total amount stolen is “in the millions of dollars so far,” adding that a $140,000 alone was stolen from a single user.
DoS Attack Continues Streak of Thefts from Electrum
While there is still no concrete evidence that links the ongoing DoS attack to any of the other previous attacks on Electrum, many Reddit users looking into the matter suspect there might be more to it. Phishing attacks have been a regular occurrence in the Electrum community for months, with the Trojan horse ‘electrumstealer’ and its variants believed to have stolen millions of dollars worth of Bitcoin so far.
As the ongoing attack only seem to be targeting users with outdated Electrum clients, some have speculated that it was made in retaliation for the new protections made for Electrum users.
While developers are working on solving the issue, Electrum advised its users to download Electrum software either from the official domain or the company’s GitHub repository.
Users are also encouraged to run their own servers, as increasing the number of legitimate servers could help dilute the strength of the attack.