Report: Hackers have stolen over $22 million from Electrum users via fake software updates

Hackers have stolen $22 million from users of the popular bitcoin wallet Electrum by enticing people to install fake software updates, according to an investigation from ZDNet.

The fake updates, which are prompted by popup messages, trick users into installing malware onto their computers. Users have reported that their funds were stolen immediately upon downloading the file.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

This technique has been seen before. The Block reported in 2018 that criminals used the same approach to steal over $700k from Electrum wallet users. The new investigation from ZDNet illustrates the extent to which the scheme has persisted throughout 2019 and 2020.

According to ZDNet, the Electrum team has several steps to prevent this kind of attack since it was first detected two years ago. But the attack still works on users operating on older versions of the app. 

About Author

MK Manoylov has been a reporter for The Block since 2020 — joining just before bitcoin surpassed $20,000 for the first time. Since then, MK has written nearly 1,000 articles for the publication, covering any and all crypto news but with a penchant toward NFT, metaverse, web3 gaming, funding, crime, hack and crypto ecosystem stories. MK holds a graduate degree from New York University's Science, Health and Environmental Reporting Program (SHERP) and has also covered health topics for WebMD and Insider. You can follow MK on X @MManoylov and on LinkedIn.