1,400 Bitcoins Lost, This Bitcoin Investor Suffers Heavy Losses Due to Wallet Vulnerability

According to Cryptopotato on August 31, an anonymous Bitcoin investor named "1400BitcoinStolen" said on Github that he "foolishly" installed an old version of the Electrum wallet and lost 1,400 BTC (about $16 million). It turned out that this was a phishing scam.

trap

The victim explained that the last time he accessed his wallet was in 2017. Electrum has since released security updates, but the user has not installed them. This time, after setting up the wallet and trying to transfer 1 Bitcoin, he received a pop-up message asking him to update the system before he could transfer Bitcoin.

However, he didn't know it was a phishing trap. When he followed the prompts, the software used a vulnerability to connect to the hacker's server. All his bitcoins were automatically taken out of his wallet and deposited into the hacker's wallet address.

Can Bitcoin be recovered?

Bitcoin transactions are irreversible and can only wait for the recipient to refund. Nevertheless, 1400BitcoinStolen said he has contacted the blockchain analysis company Coinfirm and is currently waiting for a response.

Coinfirm claims it can help victims of fraud recover cryptocurrencies, especially Bitcoin and Ethereum. The company stated on its website that after evaluating the information provided by the victim, once the case is approved, it will conduct an investigation and return the stolen cryptocurrency to the victim's wallet.

Unfortunately, this is not the only case of someone falling for a phishing scam due to an Electrum wallet update. In fact, anyone can potentially lose their cryptocurrencies when a wallet security update is released, as updating the wallet automatically provides hackers with access to their cryptocurrencies.

This year, Protocol Podcats host Eric Savics also shared his experience of losing his savings for similar reasons.

Electrum is an early Bitcoin wallet launched in 2011 and has been updated several times. As a "light client", the Electrum software must first connect to a public server before it can connect to the blockchain, which gives hackers an opportunity to exploit. Sadly, with each update, hackers use the previous version of the wallet to deceive unsuspecting users.

Back in 2018, the Electrum wallet suffered a major phishing attack that resulted in the loss of more than 243 Bitcoins, worth nearly $1 million at the time. Hackers created multiple malicious servers that asked users to install the latest security systems.