Blog

A bug in old versions of legit electrum is being exploited by scammers to send people phishing messages. Users are advised to not follow any links in electrum error messages. The developer Somber Night summarizes the situation best:

To users: when you broadcast a transaction, servers can tell you about errors with the transaction. In Electrum versions before 3.3.3, this error is arbitrary text, and what’s worse, it is HTML/rich text (as that is the Qt default). So the server you are connected to can try to trick you by telling you to install malware (disguised as an update). You should update Electrum from the official website so that servers can no longer do this to you. If you see these messages/popups, just make sure you don’t follow them and that you don’t install what they tell you to install. The messages are just messages, they cannot hurt you by themselves.

If you see such a message and it’s stopping you from spending your bitcoins just switch to a different server.  Also update to the latest electrum from the official site.

In Electrum 3.3.4 and later the phishing messages are no longer shown but Electrum servers can still stop you from spending your coin. So once again you should simply switch to a different server.

Malware authors only put in the minimum effort needed to steal from users. In the past it was pretty easy for them to put up a fake electrum site and then advertise it on google adwords. The ad would show up above search results and newbie users would click on it, download the malware versions and receive bitcoin to wallets created with it only to find the coins stolen shortly afterwards.

Continue reading The evolution of malware targeting Electrum users

A scammer has recently acquired control of the domain name Electrum dot com and is distributing fake versions of Electrum software.

Continue reading Scammer acquires control of electrum dot com to distribute malware