Admins of the popular Bitcoin wallet Electrum are warning users of a phishing attack that tricks them into downloading a malicious update that steals their password codes. According to ZDNet, the hackers added tens of malicious servers to Electrum’s wallet network which, when triggered, prompt users to download a wallet update containing malicious code. Users of this updated version will be asked to enter their 2-factor authentication code, which the hackers will use to access their wallet and empty its balance. Hackers were able to steal over 200 bitcoins, approximately $730k at the time of this writing.
According to ZDNet, the core issue for Electrum is that it allows “popups with custom text” to trigger in a user’s wallet interface. This enables attackers to get direct access to their victim’s interface and render authentic-looking server messages like the one below.