Vulnerability found in Electrum wallet, upgrade to version 3.0.4

in #bitcoin7 years ago

Bitcoin’s popular wallet Electrum identified a vulnerability in its software. It potentially allows random websites to steal your wallet via JavaScript. The bug presumably also affects altcoin derivatives of Electrum such as Electron Cash.

What to do?

Users are advised to stop using the older version of the software and upgrade to Electrum 3.0.4 before accessing the wallet. This is a security update and it fixes a vulnerability that was reported earlier today. If you don’t use Electrum or a derivative, then you are not affected.According to bitcointalk,

Update 1: If you had no wallet password set, then theft is trivial. If you had a somewhat-decent wallet password set, then it seems that an attacker could “only” get address/transaction info from your wallet and change your Electrum settings, the latter of which seems to me to have a high chance of being exploitable further. So if you had a wallet password set, you can reduce your panic by a few notches, but you should still treat this very seriously.

This is fixed now, see the release notes for details.

What is Electrum?

Electrum is one of the most popular Bitcoin wallets securing Bitcoin payments since 2011.It is fast, secure and easy to use free software released under the MIT License. It suits the needs of a wide spectrum of users. It’s focus is speed, with low resource usage and simplifying Bitcoin. No single entity controls the network. Anyone can run an Electrum server. It supports hardware wallets — Ledger, Trezor, Keepkey.

Follow us at Twitter, Facebook, Google+, Steemit and Medium. For weekly newsletter, subscribe here. For publishing Press Release and free listing of ICOat our website, email at [email protected].

This is originally published at EtherWorld.

Coin Marketplace

STEEM 0.19
TRX 0.18
JST 0.034
BTC 90853.98
ETH 3221.27
USDT 1.00
SBD 2.82