There is a phishing attempt going on currently on Electrum Wallet thus fooling the genuine participants in the cryptocurrency sector. If the posts on Reddit are any indication, then the scammy software is trying to bring the people into downloading the fake version of Electrum Wallet 4.0.0.
One of the main reasons to term it is electrum.org is not having any 4.0.0 version. The company also came out with its clarifications in a tweet and advised people not to fall prey to such emails that are doing the rounds.
Currently, the latest version of Electrum Wallet is 3.3.3.
The latest version of Electrum (version 3.3.3) will notify users when a new release of Electrum is available. Release announcements are signed by us, and verified by Electrum using a hardcoded Bitcoin address. This feature is optional and can be disabled. https://t.co/Y2DXoUyOgk
— Electrum (@ElectrumWallet) January 26, 2019
Deceiving Genuine Public
Responding to a post on Reddit, a user acknowledged that this was a phishing site and that the fake version leads all their coins to the hacker as there were more details in a number of longer threads. These were not only evident in the last three days but even in the one-month period. Another user indicated that the specific user joined GitHub only four days back and now was blocked. The attacker’s profile page could be seen under the user avatar so that blocking them is easier.
Incidentally, the cyber attackers have created another account and this was also banned. Following these incidents, there is a call to GitHub “to strtolower” all of their URLs since there is little difference between the fake and the original. Some Redditors were also disappointed and blamed Chrome for not distinguishing a font in view of the increasing scams.
Interestingly, another user pointed out that this could have been the “second cluster of reports of the same phishing” as the first one happened in December last year. There is a concern that the attacker could have several accounts.
In a tweet, MyEtherWallet.com warned about another phishing email that is doing the rounds currently. These emails sought personal information from users and advised them not to fall prey to such email. That is primarily because the company never email users and that it never seeks their private key or any other sensitive information from them. The firm wanted users to be skeptical about such phishy portals.
The deceptive email said,
“As security is a primary concern of ours, we want to make sure you are aware of a recent data compromise that has affected your MyEtherWallet with the Ethereum address.”
The company has acknowledged that there was a big scale man-in-the-middle attack in January and that the hackers have attacked the infrastructure thus intercepting DNS requests to their own server address. However, the company has claimed that it has resolved the issue and warned users to be cautious.
There’s another phishy email going around asking users to give up personal information. Don’t believe the hype!
#1. We will never email you first (only reply to support).
#2. We will never ask for your private key (or other sensitive info).
#3. Be skeptical! pic.twitter.com/654TLIt5ar
— MyEtherWallet.com (@myetherwallet) February 4, 2019