Malware Wallet ‘Electrum Pro’ Stealing Seed Keys (blockexplorer.com)
72 points by noeatnosleep on May 9, 2018 | 11 comments

It seems utterly, utterly insane to me that the vendor of a currency wallet software would leave the .com of their product's name unregistered. Using the real Electrum at home but second-guessing that now.

Apparently the previous owner of the domain was trying to sell it for "the price of a house", not something an open-source project can typically afford.

[0]: https://www.reddit.com/r/Bitcoin/comments/8a1drz/psa_electru...

By definition, the market value of that domain has to be close to the value of all BTC that ever gets stolen by the copycat malware.

Doesn't seem like something a project with no budget can afford.

Thomas Voegtlin (creator of Electrum) said on Reddit that they tried to buy the domain in 2012 but it was too expensive. https://www.reddit.com/r/Bitcoin/comments/8a1drz/psa_electru...

The GitHub link has a better explanation of what is going on:


I'm not a Python guy, but from the screenshots I don't see where it is requesting something other than the version. I don't see where it appends the seed keys or anything to the check-version request, but I don't use this or any wallet, so I don't care enough to verify.

On line 246 where the thread is created, you'll see that it's actually passing in the seed, not the version.

Looks like the version is actually the seed.

  self.thread_v1 = threading.Thread(target=self.verify_version_thread, args=(seed,))

Oh, I see, thank you :)
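An added example, not part of the thread or of either wallet's code: a static check for the pattern pointed out above, where a secret is handed to a background thread whose name suggests something harmless. The `SENSITIVE` name list and the `Wizard`/`check_update` sample are assumptions; only the `thread_v1` line comes from the thread.

```python
import ast

# Assumed identifiers that usually hold wallet secrets (not from the thread).
SENSITIVE = {"seed", "mnemonic", "xprv", "password", "passphrase", "privkey"}

def _leaf(node):
    """Last component of a name: 'Thread' for both Thread and threading.Thread."""
    return getattr(node, "attr", getattr(node, "id", "<expr>"))

def _names(node):
    """Every identifier used under node, e.g. {'self', 'seed'} for self.seed."""
    return {_leaf(n) for n in ast.walk(node)
            if isinstance(n, (ast.Name, ast.Attribute))}

def find_secret_threads(source):
    """Return (line, target, secrets) for each Thread(...) that is passed a secret.

    Only keyword-style calls (target=, args=, kwargs=) are inspected, which is
    the form used in the line quoted in the thread.
    """
    findings = []
    for call in ast.walk(ast.parse(source)):
        if not (isinstance(call, ast.Call) and _leaf(call.func) == "Thread"):
            continue
        kw = {k.arg: k.value for k in call.keywords if k.arg}
        passed = set()
        for key in ("args", "kwargs"):
            if key in kw:
                passed |= _names(kw[key])
        leaked = sorted(passed & SENSITIVE)
        if leaked:
            findings.append((call.lineno, _leaf(kw.get("target")), leaked))
    return findings

# Constructed sample: the thread_v1 line is the one quoted in the thread,
# the t0 line is a harmless contrast case made up for this example.
SAMPLE = '''\
import threading
class Wizard:
    def run(self, seed, version):
        self.t0 = threading.Thread(target=self.check_update, args=(version,))
        self.thread_v1 = threading.Thread(target=self.verify_version_thread, args=(seed,))
'''

if __name__ == "__main__":
    for line, target, leaked in find_secret_threads(SAMPLE):
        print(f"line {line}: {target} receives {leaked}")
```

A hit is a prompt for manual review of what the target function does with the value, not proof of exfiltration.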

I guess this is like storing mined 1800's gold in one's home. Totally unsecured, especially for the average Joe. Once it's gone, it's gone.

The whole point of Bitcoin (at least originally) was "be your own bank".

Users learnt really damn fast why securing a bank is hard.
