You are viewing a single comment's thread from:

RE: Daily: MAJOR Electrum Wallet Hack, Binance Reopens!

in #bitcoin7 years ago

Hey, I provided the link to the corresponding github issue. With JavaScript you can scan the JSONRPC port and for unprotected wallets, you will receive an alert giving away the seed like seed: {"id": 0.7398595146147573, "result": "pony south strike horror throw acquire able afford pen lunch monster runway", "jsonrpc": "2.0"}!

Sort:  

Wow, this is quite unsettling! Nowadays it is not really possible any more to have JavaScript deactivated because most pages require it. The best thing might be to use hardware wallets (such as Ledger or Trezor), but they do not support most of the coins so far.

Please don't hold your bitcoin on the regulated exchanges folks. They will serve their own best interests first, not ours.

This is not about an exchange! The flaw is inside a dedicated wallet Electrum, iti is probably the most widely-used light wallet!