A critical vulnerability was just found on Electrum Bitcoin Wallet

What's this vulnerability ?

Just one day ago a Github user taviso reported a serious vulnerability in Electrum Bitcoin Wallet. This is a very serious security bug which allows an attacker to steal your Electrum wallet seed via a simple browser and java script. The attacker can only steal your seed if you left your wallet unprotected without encrypting it.

How does it work ?

On the Electrum's github issue page he shows how it is possible to steal Electrum wallet seed --

He Installed Electrum 3.0.3 on Windows.
Created a new wallet with all default settings. He left the wallet not encrypted with password- the default setting.
Visited in Chrome. Now, it's time to guess the right port number. He used JSON RPC server by default. It does use a random port but a website (run by an attacker) can simply scan for the right port in seconds.
After a few seconds he succeeded to guesses the right port, and then an alert() appeared with: seed: {"id": 0.7398595146147573, "result": "pony south strike horror throw acquire able afford pen lunch monster runway", "jsonrpc": "2.0"}

Am I at risk ?

Yes, you're at risk if you're currently using 3.0.3 or, any older version of Electrum Wallet. And the most important thing is that if you're using your Electrum wallet without encrypted it with password.

How to fix this issue ?

Electrum developer team is very aware of this serious vulnerability and has just provided a solution.
Electrum has just released a newer version with this vulnerability fixed. Everyone ... please, download the newer version 3.0.4 from their official website. And must check the PGP signature:

Download newer version 3.0.4 : https://electrum.org/#download

Release notes : https://github.com/spesmilo/electrum/blob/3.0.4/RELEASE-NOTES

Release notes of Electrum Wallet Version 3.0.4

Release 3.0.4 : (Security update)

Fix a vulnerability caused by Cross-Origin Resource Sharing (CORS)
in the JSONRPC interface. Previous versions of Electrum are
vulnerable to port scanning and deanonimization attacks from
malicious websites. Wallets that are not password-protected are
vulnerable to theft.
Bundle QR scanner with Android app
Minor bug fixes

Tags : Bitcoin, Cryptocurrency, Blockchain, Security, News, Hacks,

This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit

$3 Donation [Fixed]

Donate

$Any Amount

Comments

Breaking News : YAHOO has just released a security patch that prevents a serious bug which allowed hackers to read any email

Breaking News : YAHOO has just released a security patch that prevents a serious bug which allowed hackers to read any email image credit Yahoo has just issued a security patch of a highly critical XSS (cross-site scripting) security vulnerability in its users’ email system that allowed hackers to read any email contents. Who discovered this security flaw ? Jouko Pynnonen, a famous cyber-security researcher lived in Finland first discovered this serious issue and reported it to Yahoo. Jouko Pynnonen also reported a serious bug in Yahoo last year that allowed hackers to hack any user’s account by using XSS (cross-site scripting) vulnerability. He was also awarded in $10,000 by Yahoo’s bug bounty program on Hackerone. How does this bug work ? Jouko Pynnonen has posted an article on his personal blog about how the bug works. He said that the bug existed in the email’s HTML filtering. Jouko sent an email with various sorts of attachments to inspect the raw code

waiting for death [An Original Abstract Art]

waiting for death Tags : Abstract, Art, Drawing, Painting, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

One Black & White Photograph Daily for 30 days - Day #25

green yard - behind of my village home Camera : Xiaomi Model : 2014818 Location : Bongaon, West Bengal, India Snap Taken : 14 March 2016 Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

rheum of Africa [An Original Abstract Art And A Poem]

rheum of Africa Rheum of Africa (An Original Poem) The love with lands surrounded by the Mediterranean sea to north, Sinai Peninsula keeps a house with whom? Suez and red having room. Forest and her ancient folk always in our feelings and talk, All the mankind having so curious You,more I think mysterious. Beauty of her smile peeking, a truth I know the truth ,the truth The photographer committing suicide never conceding the painful sight. A monster throwing away foods In the water ,children of you Crying crying for a grain. The moribund acting his last sequence Why? a vulture waiting, a question. I love you, consider mother of lions Smile revealing a secret, oh Africa! Progresses of my art-work Tags : Abstract, Art, Drawing, Painting, Poems, Poetry, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard a

Ancient alligators which had long legs and run faster than dinosaurs, also ate them

image credit Imagine an alligator with long four legs and runs faster than dogs. Am I crazy ? Probably not. But, this species is now extinct. They lived in the Jurassic Period. The name this amazing creature is Galloping crocodile. It existed 100 million years ago. And also they preyed on dinosaurs! The most attractive features of Galloping crocodiles are their bone structure. After made research on their bones structure scientists said that they were efficient swimmers but that when they clambered ashore they were also capable of galloping across the plains. But, modern crocodiles crawl on their bellies because their legs sprawl out to the side. The fossils of this primitive crocodiles are now discovered in North Africa by a group of fossil hunters. Most of the fossils was discovered in the year of 2001. Hans Larsson , a paleontologist at the University of Montreal, who took part in the expedition which was sponsored by National Geographic, wrote - "We were surpr

A Silent Lovely Conversation [An Original Abstract Art]

a silent lovely conversation An Original Bengali Poem শেষ রাতে মরা চাঁদের আলোয় দেখা হয়েছিল তোমার সাথে নীরব কথায় বলেছিলে আমায় অব্যক্ত নীরব অভিমান । সেই শেষ দেখা, আমারও শেষ চাঁদের আলোয় শেষ স্নান। হবেনা কখনো জানি দেখা, তবু আশায় তো বাঁচে চাষা। Progresses of my art-work Tags : Abstract, Art, Bengali, Drawing, Painting, Poems, Poetry, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

The Real Face Of India - Episode 133

The Real Face Of India - Episode#133 I believe that India is the most beautiful country in the world. In this series I show the real face of beautiful India. Half Dozen Photos of Natural Beauties Snap taken : 21 Mar 2018 Camera : SAMSUNG, Model : SM-A310N0 Other Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 , Episode#33 , Episode#34 , Episode#35 , Episode#36 , Episode#37 , Episode#38 , Episode#39 , Episode#40 , Episode#41 , Episode#42 , Episode#43 , Episode#44 , Episode#45 , Episode#46 , Episode#47 , Episode#48 , Episode#49 , Episode#50 ,

Estrangement (An Original Poem)

Estrangement (An Original Poem) I remember that day when I saw your black eyes, I wondered, I realized the beauty of black color. One stormy night, In the lightening I saw you. Oh dear, you sparkle in that dark night. The roar of the storm I heard But, never frightened Because, you were beside me. Now in this moonlit night There a flood of light , but I can’t see Because, you’re not beside me. Dark everywhere dark Oh dear, come in my life again, And fill my life with light. [The abstract art used in this post is original & done by myself] Tags : Abstract, Art, Drawing, Life, Painting, Poems, Poetry, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

Visiting deep inside the Sundarbans & spent days with Bawali - Episode #07

In the last October-November I visited Sundarbans, the world's one of the largest mangrove forest. It was also declared as world heritage site by UNESCO in 1997. In this forest a numerous wildlife species exist - birds, reptiles, fishes, amphibians and also the king of the forest "Royal Bengal Tiger". The ganges dolphins & crocodiles are also living in the canals of Sundarbans. Chital is a one kind of spotted deer living in this forest. The rural life in the area of this coastal forest is also very attractive. They basically maintain their lives by collecting honey, woods and fishes. In the native language they are called as Bawali. I spent some days with them. Here I share some of my tour photographs of Sundarbans and Bawali -- Mangrove forest Sundarbans Camera : SONY Model : DSC-W710 Location : Sundarbans, West Bengal, India Snap Taken : 03 Nov 2017 To Be Continued... Episode : 01 , Episode : 02 , Episode : 03 , Episode : 04 , Episode : 05 , Episode :

What I Learnt Today : 10 Unknown Amazing Facts About Animals - Part CXXXIII

image credit (1) Japanese Macaques make snowballs for fun. (2) The chevrotain is an animal that looks like a tiny deer with fangs. (3) Turritopsis nutricula Immortal jellyfish is the only species known to live forever. (4) One million stray dogs and 500,000 stray cats live in New York City metropolitan area. Turritopsis nutricula Immortal jellyfish image credit (5) Nine-banded armadillos always give birth to identical quadruplets. (6) The flying frog uses flaps of skin between its toes to glide. (7) It takes a sloth two weeks to digest its food. Nine-banded armadillo flying frogs image credit (8) A narwhal tusk is actually an exaggerated front left tooth, and unlike most teeth, it's soft and sensitive on the outside with a tough interior. (9) Humpback whales create the loudest sound of any living creature. (10) The slowest mammal on earth is the tree sloth. It only moves at a speed of 6 feet (1.83 meters) per minute. sloth narwhal tusk i

Search This Blog