Popular hot wallet Electrum is now a target of cryptocurrency hacking. Recently, the cybersecurity company Malwarebytes has reported that DDoS botnets have affected over 152,000 users.
This incident is a recent addition to the unending saga of hackers targeting crypto exchanges and hot wallets. Malwarebytes reports that this recent attack in April has resulted in the stealing of $4.6 million worth cryptocurrencies.
Blockchain, the technology underpinning cryptocurrencies like Bitcoin or Ether is remarkably secure. The technology encompasses decentralization, transparency, digital signatures, modern cryptography, and consensus algorithms to guard against hackers.
However, different blockchain networks do not have interoperability, in so far as a Bitcoin user cannot execute transactions on the Ethereum network using Bitcoin. This has given rise to cryptocurrency exchanges.
Crypto users typically store some of their coins on crypto exchanges, using the hot wallets that these exchanges provide. This helps them in conducting crypto transactions relatively quickly. Alert and knowledgeable users store their remaining funds in cold-storage wallets.
Cold-storage wallets, also called hardware wallets are not connected to a network, which secures the coins stored in them from cryptocurrency hacking. However, users will eventually need to bring them into a hot wallet for conducting transactions.
Hot wallets, while providing a significant amount of security, are connected to devices on a network. When users make use of such hot wallets provided by crypto exchanges, they essentially hand over their private keys to a 3rd party.
These factors combine to make hot wallets relatively less secure. Add to the relative anonymity of cryptocurrency transactions, and you can see why these are lucrative targets for hackers.
Cryptocurrency hacking continues unabated
As you would expect, hackers continue to target crypto exchanges and hot wallets. For e.g., Zaif, a crypto exchanges based out of Japan recently lost $59 million worth of cryptocurrencies to hackers. Another example is the recent Binance hack, resulting in the loss of $40 million.
Electrum is a well-known hot wallet for Windows, Mac, Android, and iOS. It’s an easy-to-use wallet, however, it faces the same vulnerabilities that affect the others of its kind.
In the current instance, Electrum users were tricked to download an update, as Malwarebytes has reported in their blog. This malicious update resulted in the stealing of coins from their wallets.
At one point in time, the number of infected devices reached as high as 152,000. Electrum developers discovered the vulnerability and swung into action to protect the wallet users.
However, the attackers noticed it and launched a large scale “Distributed Denial of Service” (DDoS) attack to thwart the recovery efforts. Electrum users in Asia-Pacific, Brazil, and Peru were the worst affected.
Crypto users need to exercise caution
The cryptocurrency space isn’t easy to navigate, since users need a certain degree of computer literacy. Hackers continue to make life harder for crypto users, with new attacks. Crypto users need to keep their devices up-to-date, install the required security patches, use hardware wallets when not transacting, and keep only limited number of coins in their hot wallets.
