On February 4, users of the Electrum and MyEtherWallet cryptocurrency wallets faced phishing attacks.
Phishing attack is a fraudulent and illegal attempt to obtain confidential data – personal or bank information of users; at the same time, the attacker impersonates himself as a trustee and sends the user a message with a malicious link. The link usually leads to a page where the user is asked to enter personal data, or clicking the link initiates the installation of malicious software on the user’s device.
On February 4, MyEtherWallet developers tweeted warning about phishing emails, asking users to share personal information. The MEW developers’ message states:
“Attention to the MEW community!
Attackers send phishing emails that ask users to share personal information. Do not believe this deception!
1. We never send you emails (except for help desk answers);
2. We never request your private key (or other confidential information);
3. Be skeptical! ”
One Reddit user discovered a phishing system message, also trying to get hold of the confidential user data of the Electrum wallet, and which pretends to be a security update. The user of Reddit EXA61 has published an image of a system message that requires updating to Electrum 4.0.0, while the latest version of the wallet is denoted as Electrum 188.8.131.52 of January 2019, Electrum team reported:
“The latest version 3.3.3 of Electrum will notify users of the new version of the wallet. Release announcements are signed by us, and new versions of the wallet are checked using a hard-coded bitcoin address. The update feature is optional and can be disabled. ”
One user noticed that these are the same phishing attacks that were at the end of December 2018, and that this hacker probably has “GitHub accounts”.
A warning was also posted on the Electrum website that “versions of Electrum older than 3.3.3 are vulnerable to phishing attacks — cases where malicious servers may display a message asking you to download a fake version of Electrum.” The company also warns that you should not download updates of this software from other sources.