An ongoing attack against Electrum Bitcoin wallets has recently grown bigger and stronger: the attackers are now targeting the whole infrastructure of the exchange with a botnet of over 152,000 infected users, raising the amount of stolen user funds to USD 4.6 million. The Electrum wallet has been facing cyber attacks since December last year, when a group of cybercriminals exploited a weakness in the Electrum infrastructure to trick wallet users into downloading malicious versions of the software. In short, the attackers added malicious servers to the Electrum peer network. These servers were designed to deliberately display an error to legitimate Electrum wallet apps, forcing them to download a malicious wallet software update from an unofficial GitHub repository.
The phishing attack eventually allowed the attackers to steal wallet funds of almost 250 Bitcoins, worth $937,000 at that time, and to take complete control of the infected systems. To counter this, the Electrum developers exploited the same technique as the attackers in order to encourage users to download the latest patched version of the wallet app. In response, the attackers started DDoSing legitimate Electrum servers in an attempt to trick older clients into connecting to the malicious nodes while the legitimate nodes were overwhelmed. According to a post published by the Malwarebytes Lab research team, the number of infected machines that have downloaded the malicious client software and are unwillingly participating in the DDoS attacks has reached 152,000, up from less than 100,000 last week. The attackers behind these campaigns are distributing botnet malware dubbed “ElectrumDosMiner”.