Crypto-hunting hackers have stolen more than $22 million from the users of Electrum, a popular Bitcoin wallet, in the past two years using a “simple technique” involving fake updates, as per a ZDNet report Monday.
How an “update” proved expensive
Relevant posts on Bitcoin forums showed hackers managed to send out “update” notifications for the Electrum app on victim phones. When the latter did update their apps, the funds were immediately stolen and siphoned off to wallets allegedly controlled by the hackers.
The hackers seemed to have a clear idea of how the Electrum wallet operated, the registries it used, and how security was handled. It was with this knowledge that they were able to go undetected and steal from victims.