Report: 152,000 Electrum Bitcoin Wallets Infected by a New Trojan

Electrum, one of the most popular Bitcoin wallets, has been suffering from a relentless Distributed Denial-of-Service (DDoS) attack since late 2018. The attack has so far reached over 152,000 infected wallets and managed to steal $4.6 million. The anti-malware software firm Malwarebytes recently reported these statistics in a blog post. The firm has been gathering data and investigating the ongoing developments of this attack.

Malwarebytes discovered through their data gathering and analysis that the largest concentration of these attacking bots was located in the Asia Pacific region, Brazil and Peru. The locations of these botnets were tracked by locating the location of their IP addresses. The company managed to pinpoint a loader dubbed Trojan.BeamWinHTTP, which is also involved in downloading the previously-detected Electrum DoSMiner.

The attack was allegedly carried out using a botnet of over 140,000 machines. The main purpose of the attack was simple and obvious: to steal users’ BTC by redirecting them to fake versions of the Electrum software. The attackers implemented their own Electrum servers which were hosting compromised Electrum versions.

In the report, Malwarebytes also remarks that the botnet is growing rapidly. The botnet took just one day to go from under 100,000 infected devices on April 24 to 152,000 infected devices on April 25.

Last December, the hack allowed a third party to steal 250 BTC, which amounted to almost a million dollars at the time. The users affected by the hack reported that they were not able to log in even after providing two-factor authentication code. Electrum software did not ask for two-factor authentication. The hackers would then empty the infected wallet.

The report by Malwarebytes also comments on the fact that the attack has largely gone underreported by the mainstream media but they still have cost users millions in stolen funds. The report reads:

“While these DDoS attacks have not been publicized much by mainstream media, they have undoubtedly caused millions of dollars in losses over the span of just a few months.”

Cryptocurrency exchanges and other services have drawn a lot of criticism over the constant news of attacks and theft that they are victims of. More often than not, these attacks are only made possible due to the negligence of these companies which are responsible for protecting their customers’ funds.

Sharing Is Caring: