Bitcoin wallet Electrum has exposed on GitHub how a similar service Electrum Pro can steal user data. The claim has been externally verified.

Electrum Pro, launched in March 2018, has come under severe attack from a popular Bitcoin service Electrum. The company has published a step-by-step guide to decompiling the python-based binary for the Electrum Pro wallet’s code.

Hence, they found a function in the wallet’s code — lines 223–248 in the electrumpro_keystore.py — that copies the users’ seed-phrases and subsequently sends them to the electrum.com domain. Once in place, the site’s owners may steal cryptocurrency from a corresponding account.

“We previously warned users against ‘Electrum Pro’, but we did not have formal evidence at that time,” Electrum team states.

Even though Electrum only analyzed the Windows binaries distributed by “electrum dot com” as well as the Mac .dmg file, they are convinced that other “Windows binaries are malicious as well.” At the same time, they state that the Linux package has remained unaffected.

Armin Davis from Block Explorer News has confirmed the claim using the same decompilation algorithm as the Electrum team: “We now have proof that “Electrum Pro” is bitcoin-stealing malware. The sha256sum of ElectrumPro-4.0.2-Standalone.zip  is f497d2681dc00a7470fef7bcef8228964a2412889cd70b098cb8985aa1573e99. This hash can be confirmed independently using http://archive.org .”

Despite the fact that this is not the first time a fraudulent Electrum-like wallet service appears, Electrum Pro stands out. Thus, unlike the previous cases, they managed to get hold of the electrum.com domain which is similar to the official website — electrum.org — hence maximizing the chances of attracting customers who are not aware of the difference. On top of that, Electrum Pro uses Google Ads to pop above the original website promising that its service is fast, secure and easy to use.

To combat this fraud, Electrum recommends users scrutinize GPG signatures before utilizing the wallet. Electrum has also promised to use Windows native schemes to verify the wallet.

At the same time, it should be noted that so far none of the Electrum Pro users have claimed to have their funds stolen.

Previous article$10 Billion of Bitcoin are stored in Bunkers
Next articleBitcoin (BTC) Forecast: 36,000 USD by the end of 2019
Lesia Dubenko
A warm hello from Ukraine! My name is Lesia, I am a journalist, writer, political scientist, and crypto enthusiast. Before joining AltcoinBuzz in May I knew nothing about crypto, I was in the dark (it was very gloomy indeed). I was all skeptic and suspicious. But then one day, probably in June-July when I was doing a podcast with James and Matt, I finally grasped the concept in full. That is when I truly started to enjoy it thoroughly. I am a big believer in crypto and blockchain. There is no doubt that it is the future. But be patient, it needs time, like a fine Chardonnay. However, if you want to know when the next bull run is happening, I highly recommend asking Luc Lammers. He will definitely spill the beans! xxx

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.