Feed for tag: electrum
Electrum Fishing Scheme Warning

A fishing malware scheme has been spotted targeting electrum wallet users. Electrum users are advised to read the warning explainer that has been setup here.

A malicious notification popup with a clickable link.

Users of many versions of Electrum released may see messages as pictured when attempting to send a transaction with their wallet. The message, or some variation of, purports that a security update is required to continue.

This is not the case.

The message is generated by the server you are connected to, and contains a link to a malicious modification of the wallet which, if installed, will result in the immediate theft of all of your money. If you install any software shown in a message such as this you have no recourse to recover your funds.

Fast Electrum Server in Rust

An efficient re-implementation of Electrum was recently developed by Roman Zeyde. It allows users to run an Electrum server on their machine with a required hardware not much more than a full node, it indexes the entire blockchain and the resulting index enables fast queries, this allows users to keep real time tracking of their wallets and transactions. As it uses the user’s machine, there is no need for the user to send requests to an external Electrum server preserving privacy for its users. It offers low CPU and memory usage, low index storage overhead and fast synchronization to the blockchain.

You can check out the implementation on Github from here.

Decompiling the Electrumpro Stealware

Electrum is a popular Bitcoin wallet, distributed on electrum.org and spesmilo/electrum.

A few weeks ago scammers bought the electrum dot com domain and started using it to distribute a modified malware version of electrum called ElectrumPro to steal its user’s bitcoins.

The electrum team published a decompiling guide for ElectrumPro binary on windows to proove that it is indeed stealing users:

This document describes how to decompile the “Electrum Pro” Windows binaries, and how to verify that they indeed contain bitcoin-stealing malware. We previously warned users against “Electrum Pro”, but we did not have formal evidence at that time.

Electrum: 3.1.3
Release Notes: Qt GUI: seed word auto-complete during restore Android: fix some crashes performance improvements (wallet, and Qt GUI) hardware wallets: show debug message during device scan Digital Bitbox: enabled BIP84 (p2wpkh) wallet creation add regtest support (via –regtest flag) other minor bugfixes and usability improvements
ElectrumPro Scam
The official Electrum website is electrum.org. There is an electrum.com that appears to be a scam, which calls its software Electrum Pro. Do not download or run any executables from this site - its binaries have not been verified. The original Electrum software is written entirely in Python, meaning it should never be compiled to create binary files.