{"id":27927,"date":"2020-08-31T10:47:18","date_gmt":"2020-08-31T07:47:18","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=27927"},"modified":"2025-08-26T23:59:54","modified_gmt":"2025-08-26T20:59:54","slug":"investor-loses-1400-bitcoins-after-using-an-older-electrum-wallet","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/investor-loses-1400-bitcoins-after-using-an-older-electrum-wallet\/","title":{"rendered":"Investor loses 1,400 bitcoins after using an older Electrum wallet"},"content":{"rendered":"

Malicious actors stole 1,400 bitcoins (~$16.3 million at the time of writing) from a cryptocurrency investor who had held the coins since 2017. He disclosed this on GitHub<\/a><\/p>\n

A user using the handle 1400BitcoinStolen said that he stored BTC on an Electrum wallet that he had not accessed since purchase.<\/p>\n

Seeking to transfer the funds, he installed an older version of the app, but could not complete a transaction. A pop-up window prompted him to update the wallet to the latest version for security reasons. After installing the update, his funds were moved to the attacker\u2019s address.<\/p>\n

The investor did not specify whether he had used the original Electrum version. In the comments under the post by Bitcoin researcher Ben Verret, users speculated that the theft was made possible by the wallet’s failure to receive a timely update.<\/p>\n

A pioneer of the cryptocurrency industry and CEO of Blockstream, Adam Back, suggested that the user may have connected to a malicious server from which he received a notification prompting an application update.<\/p>\n

\n

Someone explain? Is this due to connecting to a malicious electrum server which pushes a misleading notification message, then the user installs malware? Maybe displayed messages could be signed by electrum the software author instead of network servers?<\/p>\n

\u2014 Adam Back (@adam3us) August 30, 2020<\/a><\/p>\n<\/blockquote>\n