Watch out for Bitcoin-stealing Malware

By Raghav Sawhney

Electrum, the famous Bitcoin wallet, has revealed proof that a copycat wallet app is stealing users’ Bitcoins. According to Electrum, “Electrum Pro” is carefully crafted malware designed to hijack users’ private seed keys. Having learned of the Bitcoin-stealing malware in Electrum Pro, Electrum is advising users to be careful and cautious about the bogus Bitcoin storage system.

Electrum was launched in 2011 and is one of Bitcoin’s most popular and well-liked wallets. Many users trust this wallet for its security and easy-to-use features. Electrum also supports advanced features such as multisignature (multisig) authentication and is compatible with hardware wallets such as Trezor and Ledger.

Lately, Electrum Pro, a new wallet with a name similar to Electrum’s, suddenly emerged with the domain name “Electrum.com”, aiming to divert users from the legitimate website, “Electrum.org”.

The team responsible for Electrum stated that Electrum Pro is malicious software meant to steal users’ Bitcoins. To make matters worse, Electrum Pro appears above the legitimate Electrum in Google search results because of Google Ads, something that will trip up many users.

The team responsible for Electrum has published a detailed description of Electrum Pro on GitHub. The code Electrum Pro uses to send the stolen recovery seeds to the attackers can be found there.

Most modern wallets use a “recovery seed” feature: a set of randomly generated words that serves as a security pass and lets the user recover the wallet if the original key is lost for any reason. Whenever a user uses a recovery seed, a new key is generated, and as soon as the new keys are transferred, the hackers use this newly generated key to recover the user’s wallet and redeem their entire funds.

This is not the first time a fraudulent Electrum wallet has surfaced on the internet. Scammers and hackers have registered many similar domains offering infected software for people to download. However, this is the first case in which the scammers have been able to affect a large number of people, through use of the “Electrum.com” domain.

Someone who has never visited or used the original Electrum website, “Electrum.org”, would find it difficult to tell it apart from the fraudulent Electrum Pro website because of the latter’s similarity and professional appearance. The only difference one could notice is the logo of the two websites.

The logo of Electrum Pro is slightly different from that of the original Electrum. It also claims to be a separate branch of the original and legitimate Electrum wallet.

According to reports, Electrum claims that the malicious software is present only in the Windows and OS X versions of Electrum Pro. There is no sign of the Linux version being affected, probably because the scammers did not want the malware to be out in plain sight.

To prevent any further problems related to Electrum Pro, the official Electrum team has recommended that users always check the GPG signature before putting the wallet into service. They are also working towards building an official app on the Mac App Store and verifying the wallets using the Windows Native system.
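A signature check only helps if it is tied to the genuine publisher's key, because a copycat can sign its own installer and `gpg` will still report a good signature. The following added example (not Electrum's own code) parses gpg's machine-readable status output and accepts a download only when the signer matches a pinned fingerprint; the fingerprints, status lines and function names are constructed for illustration.

```python
import subprocess

# Placeholder fingerprint (constructed). Replace it with the release signing key
# fingerprint obtained from the wallet project through a channel you already trust.
PINNED_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"

def signer_fingerprints(status_text):
    """Primary-key fingerprints of every valid signature in gpg --status-fd output."""
    fprs = []
    for line in status_text.splitlines():
        parts = line.split()
        # Format: [GNUPG:] VALIDSIG <sig-key-fpr> <date> ... <primary-key-fpr>
        if len(parts) >= 3 and parts[0] == "[GNUPG:]" and parts[1] == "VALIDSIG":
            fprs.append((parts[11] if len(parts) >= 12 else parts[2]).upper())
    return fprs

def is_trusted_release(status_text, pinned=PINNED_FPR):
    """True only if at least one valid signature exists and all are by the pinned key."""
    fprs = signer_fingerprints(status_text)
    return bool(fprs) and all(f == pinned.upper() for f in fprs)

def verify_download(installer_path, sig_path):
    """Run gpg on a detached signature, then apply the pinned-key check."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, installer_path],
        capture_output=True, text=True)
    return proc.returncode == 0 and is_trusted_release(proc.stdout)

# Constructed status output: installer signed by the pinned key.
GENUINE = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 89ABCDEF01234567 Example Release Key\n"
    "[GNUPG:] VALIDSIG " + PINNED_FPR + " 2018-05-01 1525132800 0 4 0 1 8 00 "
    + PINNED_FPR + "\n")

# Constructed status output: a lookalike installer signed with a different key that
# the user imported from the same site. gpg still says GOODSIG.
OTHER_FPR = "FEDCBA9876543210FEDCBA9876543210FEDCBA98"
LOOKALIKE = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 76543210FEDCBA98 Lookalike Key\n"
    "[GNUPG:] VALIDSIG " + OTHER_FPR + " 2018-05-01 1525132800 0 4 0 1 8 00 "
    + OTHER_FPR + "\n")

# Constructed status output: file modified after signing.
TAMPERED = "[GNUPG:] NEWSIG\n[GNUPG:] BADSIG 89ABCDEF01234567 Example Release Key\n"

if __name__ == "__main__":
    for name, text in [("genuine", GENUINE), ("lookalike", LOOKALIKE), ("tampered", TAMPERED)]:
        print(name, "->", "accept" if is_trusted_release(text) else "reject")
```
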

 
