ElectrumDoSMiner


By GoldSparrow in Malware

One of the most popular Bitcoin wallet applications is Electrum, with users in the millions. This has not gone unnoticed by cybercriminals, who saw an opportunity to make some quick cash at someone else's expense. Recently, with the latest update of Electrum, a vulnerability was uncovered, and the cyber crooks leaped to exploit the opening.

The attackers could display a message directly in users' wallets and so trick users into believing that it came from the developers of Electrum. The message stated that the user should head to a third-party site to download the latest update for Electrum. This should have been a warning sign, but some users fell victim to the tactic. As a result, sensitive information such as passwords, addresses, and private keys of numerous Electrum users was collected. Armed with all this data, the attackers managed to steal about $4 million, or 771 Bitcoin.

Despite already having $4 million in their pockets, the cyber crooks were not happy one bit when Electrum's developers patched the vulnerability and stopped the attack. In fact, experts believe that they were so mad that they launched a DDoS (Distributed Denial-of-Service) attack on Electrum. The attackers used a botnet called ElectrumDoSMiner, which is fairly limited in terms of features but consists of a total of over 140,000 devices. Most of the machines that have been compromised and enrolled in the ElectrumDoSMiner botnet are located in Brazil, India, and Peru.

Such mass-scale attacks serve to remind us never to drop our guard when online, especially when it comes to information and finance. If something seems off, it probably is. Even major companies like Electrum can suffer an infiltration like this, which cost its users millions of dollars in total.

