According to a recent official blog post by Malwarebytes, the total number of infected Electrum Bitcoin [BTC] wallets has now passed roughly 152,000 following an ongoing DoS [Denial-of-Service] attack on Electrum's servers.
Malwarebytes revealed that the number of infected machines in the botnet has reached as high as 152,000, with the total volume of affected funds rising to around $4.6 million. The firm identified a loader called Trojan.BeamWinHTTP, which was also involved in downloading the previously detected Electrum ‘DoSMiner’.
The bots are reportedly concentrated in the Asia Pacific region, Brazil and Peru, and the botnet attacking the Electrum infrastructure continues to grow.
As reported earlier in April, the continued DoS attack on the Electrum network was allegedly launched by a malicious botnet of over 140,000 machines, with the aim of stealing users' Bitcoins by directing them to fake versions of the Electrum wallet software.
To carry out the attack, the attackers deployed their own Electrum servers hosting affected Electrum versions. Once users synchronise a vulnerable Electrum wallet with a malicious server, they are directed to “update” their client with a hacked version, which results in an immediate loss of the funds held in the older version.
Even earlier, in December, the hack allowed a malicious party to steal over 250 Bitcoins [around $937,000 USD at the reporting time]. Affected users reported trying and failing to log in to their wallets after providing their 2FA [Two Factor Authentication] code. The hackers then swiped the wallet balances.
Earlier in April, the well-known hardware crypto wallet manufacturer Ledger detected malware affecting its desktop application. The malware locally replaced the Ledger Live desktop application with a malicious one, infecting only Windows machines. Ledger additionally stated that the malware cannot compromise users’ computers or digital currency, but is solely a phishing attack that attempts to lure users into entering their private recovery phrases.