Electrum is one of the best and most popular light wallets. There was criticial bug found in it today.
If you had it running and any website open there is a chance the wallet is compromised.
The bug is fixed in spoke 3.0.4 but since it was developed fast its not sure there is no more problems found that hackers may use.
Since today the vulnerability is known to the public so many people can try to exploit them.
More info: https://github.com/spesmilo/electrum/issues/3374
If you need to access your BTC and cant wait a day or two for things to settle - download latest Electrum, close all websites (maybe even restart computer) upgrade.
Good news - if you have password on wallet (whcih actually electrum pushed to make) you should be safe for now.
Follow, Resteem and VOTE UP @kingscrown creator of http://fuk.io blog for 0day cryptocurrency news and tips! |
 |
|---|
Another upgrade needed to 3.0.5
Thank you for the heads up, I do have it on my phone.
This sounds like a major security hole and many people wont bother or know to upgrade. I expect this one will run for some time yet. I haven't heard of anyone losing coins due to this but I'm sure its only a matter of time.
I am very new to the cryptocurrency world (as well as to Steemit). When I first heard about people receiving monetary gain for investing in coins that they believed in, I started watching CoinMarketCap.com to see if what people were saying was true.
It was really fun to see some coins climbing up the ladder in value over just a five day period. That's what got me thinking that my husband and I should take a risk and give this whole thing a try.
We don't have a wallet just yet. We are still waiting for our very first Coin Base deposit to transfer over into the crypto system. But, hearing about hackers like this is a bit discouraging.
I guess when a good hero is created, a nemesis must come along? ... I heard people should be using offline wallets to protect their investments though.
Good, @grizgal that you haven't heard of anyone losing coins over this.
Welcome to Steem and the crypto space! Once you start, you should seriously consider maintaining your wallet offline. I believe the best security is a hardware wallet like to the Ledger Nano S or Trezor. Also, when starting to invest in anything, make sure you do your homework first and don't rely on any one source.
Thanks so much for the warm welcome. I heard about the Ledger Nano, but not Trezor. I will look into it now.
In regards to doing your homework before investing, I do have a question.
How is that the value of coins can be different from one site to another?
For instance, it could be 9pm and Ether could be valued at one amount on one site, but then at the same time, the value could show up as something different on Coin Base.
Its the same as all currencies. With major fiat currencies, large institutions take advantage of any difference in price almost immediately, making the price appear the same on all exchanges. This is starting to happen in crypto but will take time.
Welcome @sophieareli to Steem and cryptowonderland.
Another to advices:
@dauerossi, hubby and I are investing.
I'm so excited. Our money finally cleared in Coinbase last night and we signed up for Binance. So, we are now on our happy way.
And, thanks for the great tip about not transferring with Bitcoin. We are still learning and will look into more things. :)
The same reason you can go to one store and find an item for a different price at another store. That's just the price at that market. Normally they stay relatively close to each other, but when there's a big disparity you can buy at the cheap exchange, transfer to the higher one and sell for a profit. I believe that's called arbitrage.
Oh, okay. That makes sense. And, thanks for the tip on taking advantage of the cheap exchange rate. Wow.
Or a coldwallet live-CD like Bitkey, https://github.com/estevaocm/bitkey
Yeah.... only a matter of time. This is the fact. @grizgal
Yeah.... only a matter of time. This is the fact. @grizgal
fucked up thats why I only trust ledger nano s
thank you
This is a repost of a previous comment I made on a similar story but this advice still holds true. There will always be new bugs and by using your main computer to hold crypto assets YOU ARE AT RISK! A keylogger with a simple exploit in ANY program you have installed could mean you lose everything.
As such I’d recommend if you have a lot of money stored in wallets or even on exchanges get a crypto only PC(possible running a super security focused Linux beach) that you keep updated, have little extra software on, and turn on rarely. It might cost a couple hundred but there’s a ton of hackers out there looking for easy money in the form of your crypto wallet.
Trezor, Ledger, etc. are always best but for some people who keep coins on exchanges, or trade a lot it isn’t an option.
Very informative, nice post. One need to be very careful.
Fresh install your operating system, disable Wifi and any other networking/internet connectivity, add offline wallet generators. Never put that computer online or on a network and that's about as secure as you can get.
I understand the convenience of keeping crypto assets in exchanges / electronic wallets, but if you're dealing with a substantial sum of money the risks just aren't worth it. Keep safe and stick to paper wallets.
Good information, thanks for sharing :)
Good work
It's gonna to bound out, for those currency
I'm glad to hear the encryption makes it secure for now. But this is really scary for many reasons. Electrum's status as a high profile accepted secure wallet is bad, if a big dog is exploitable, what about smaller companies with less funds to protect against it. Also this times up days before a hard fork in BTC blockchain for BTR (BitCoib Rhodium) airdrop. BTR specifically recommended Electrum wallet for the airdrop. I hate "coincidences" like that...
Wonderful post! Thanks for your enlightenment on the danger of ELectrum Wallet. By this your expert advice, I am better informed. Keep it up. I follow and upvote you.
Thank you for your post :-)
Thanks for giving us a valuable awareness post. Keep it up and try to give next update. @kingscrown
Wow, I had no idea the security issues. Thanks for the update! Moving funds and updating wallet now. No issues thankfully.
Thanks alot for sharing Dear,God bless You
Wow that is scary. Hard to know what wallets/exchanges to use. Only time will prove which are the safest and most trust worthy.
And that is why you always use passwords ;)
Thanks for the information, i heard about this before and thought it was a joke but nw i know how real it is.
very interesting post
I heard about this earlier on, imagine loosing your hard earned coins over this. Thanks for sharing.
even the fact that the vulnerability has been eliminated creates a great mistrust of this wallet. But the main thing is that most users may not know about this vulnerability and get into such trouble.
Thanks for the information, as many users as possible should know it
Good information 👍
everyone busy in buying and selling and this important issue of security should be managed and tested in various ways to make it possible that the bitcoins are safe and sound.Authority should apply check and balance over its wallet. Nice information got from your blog. I have upvoted and follow you. Do follow me and upvote. thanx
thanks for the warning.
I recently got acquainted with this purse and was going to introduce money there in the near future. I am very glad that now, thanks to you, I know about this vulnerability.
now I will look for a more reliable alternative
Thank you for this information! I do have the password enabled on my wallet, however I will still be sure not to have any other websites open while in my wallet.
nice great follow you and full vote thanks...
This exploit was aroud for a month or more, idk how come you guys know now. There is even bigger exploit then this it's just not safe.
Don't use it in anyway guys. The site is just a dead end.
Wow good information.
Thank you for selflessly sharing this information about the bug on Electrum to the Steemit community. It definitely helps everybody to keep their hard earned cryptocoins safe and sound by raising awareness of security issues!
This is so informative, thanks for sharing 👆👆
Wanna try cloud mining? No noisy and slow computers at home. Everything automated , you choose hashrate, crypto to mine, pay and just sit back and let everyone else do the work while you are making money.
Genesis-mining.com 4% DiscountPromo Code!
hc5xet
Coinbase exchange:
Get $10 of FREE Bitcoin here! https://www.coinbase.com/join/592806a22cc81a06aa0b44a8
Guide can be found here: https://easyworkmakemoney.wordpress.com/2018/01/07/invite-friends-and-get-free-bitcoin/
On Coinbase you can also buy more Bitcoins, Litecoins and Ethereum with a creditcard.
Binance
Also, join the number 1 best crypto exchange! https://www.binance.com/?ref=12881218
It is free!
Very useful. Information was. Very. Thank you @kingscrown
I hope this bug is found by company itself. Hackers, Please make your weekend longer
excilent post
hello Mr. the subject published in your post is very delicate please activate the security mechanism to correct the failure and to be sure of the hacker
do not forget to follow me and I invite you to read my post
also give me up vote to help other people.
Takecare
Thanks for information.
Please visit to my blog
Thanks for sharing very informative post .. security related..
@kingscrown
I like digital currency.
Nice post keep it up @kingscrown
Very useful, thanks man!
as far as I have worked with the electrum wallet, I always felt kinda uncomfortable. thinking of getting your whole money into it is really scarring the shit out of me.
Oh man!
Thats really bad, if your btc coins are not save!
Because many people are investing in it and if it is not secure it effect the market at some point!
Thanks @kingscrown for knowledge of electrum sir!!
Ok
Thank's for this valuable information.
oh i have offline wallet for electronium is there any danger for offline walletsof electronium @Kingscrown
Thanks @Kingscrown for sharing this vital information
Thanks for the warning! Obviously I have encrypted my wallet with a password, but this is a bis issue nonetheless.