A critical vulnerability was just found on Electrum Bitcoin Wallet

What's this vulnerability ?

Just one day ago a Github user taviso reported a serious vulnerability in Electrum Bitcoin Wallet. This is a very serious security bug which allows an attacker to steal your Electrum wallet seed via a simple browser and java script. The attacker can only steal your seed if you left your wallet unprotected without encrypting it.

How does it work ?

On the Electrum's github issue page he shows how it is possible to steal Electrum wallet seed --

He Installed Electrum 3.0.3 on Windows.
Created a new wallet with all default settings. He left the wallet not encrypted with password- the default setting.
Visited in Chrome. Now, it's time to guess the right port number. He used JSON RPC server by default. It does use a random port but a website (run by an attacker) can simply scan for the right port in seconds.
After a few seconds he succeeded to guesses the right port, and then an alert() appeared with: seed: {"id": 0.7398595146147573, "result": "pony south strike horror throw acquire able afford pen lunch monster runway", "jsonrpc": "2.0"}

Am I at risk ?

Yes, you're at risk if you're currently using 3.0.3 or, any older version of Electrum Wallet. And the most important thing is that if you're using your Electrum wallet without encrypted it with password.

How to fix this issue ?

Electrum developer team is very aware of this serious vulnerability and has just provided a solution.
Electrum has just released a newer version with this vulnerability fixed. Everyone ... please, download the newer version 3.0.4 from their official website. And must check the PGP signature:

Download newer version 3.0.4 : https://electrum.org/#download

Release notes : https://github.com/spesmilo/electrum/blob/3.0.4/RELEASE-NOTES

Release notes of Electrum Wallet Version 3.0.4

Release 3.0.4 : (Security update)

Fix a vulnerability caused by Cross-Origin Resource Sharing (CORS)
in the JSONRPC interface. Previous versions of Electrum are
vulnerable to port scanning and deanonimization attacks from
malicious websites. Wallets that are not password-protected are
vulnerable to theft.
Bundle QR scanner with Android app
Minor bug fixes

Tags : Bitcoin, Cryptocurrency, Blockchain, Security, News, Hacks,

This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit

$3 Donation [Fixed]

Donate

$Any Amount

Comments

One Black & White Photograph Daily for 30 days - Day #06

Green in Town - two palm trees Camera : Nokia Model : N78 Location : Kolkata, West Bengal, India Snap Taken : 25 May 2009 Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

One Black & White Photograph Daily for 30 days - Day #09

rows of the tree in the heart of the city Camera : Nokia Model : N78 Location : Kolkata, West Bengal, India Snap Taken : 25 May 2009 Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

One Black & White Photograph Daily for 30 days - Day #05

beside the green field Camera : Nokia Model : N78 Location : Kolkata, West Bengal, India Snap Taken : 25 May 2009 Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

Amazing arts by unknown artists - Series #33

I captured all these art photographs in the Kolkata Book Fair, 2018. I tried to know the original artists of these awesome arts, but, failed. Enjoy this awesome arts. All credits goes to the unknown artists :) To Be Continued.. Previous Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 Tags : Art, Drawing, Fine arts, Painting, Photography, This Post Was Published On My Steemit Blog . Please, navigate t...

The Real Face Of India - Episode 118

The Real Face Of India - Episode#118 I believe that India is the most beautiful country in the world. In this series I show the real face of beautiful India. Half Dozen Photos of Natural Beauties Snap taken : 22 Jan 2018 Camera : SONY, Model : DSC-W710 Other Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 , Episode#33 , Episode#34 , Episode#35 , Episode#36 , Episode#37...

Seven Day - Black & White Challenge: [Day #01]

Seven day black & white challenge: [Day #01] Some simple rules must be obeyed to be eligible in this contest • Seven black and white images that represent an aspect of your life. • Present one image every day for seven days. • No people. • No explanation. • Nominate someone every day, but anyone can join the fun. • Use the tag - #sevendaybnwchallenge - as one of your five tags. My Today's Nomination : @salma-akanda Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

The Real Face Of India - Episode 119

The Real Face Of India - Episode#119 I believe that India is the most beautiful country in the world. In this series I show the real face of beautiful India. Half Dozen Photos of Natural Beauties Snap taken : 22 Jan 2018 Camera : SONY, Model : DSC-W710 Other Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 , Episode#33 , Episode#34 , Episode#35 , Episode#36 , Episode#37...

Amazing arts by unknown artists - Series #38

I captured all these art photographs in the Kolkata Book Fair, 2018. I tried to know the original artists of these awesome arts, but, failed. Enjoy this awesome arts. All credits goes to the unknown artists :) To Be Continued.. Previous Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 , Episode#33 , Episode#34 , Episode#35 , Episode#36 , Episode#37 Tags : Art, Drawing, Fine arts,...

My Sri Lanka Tour - "University of Peradeniya"

University of Peradeniya is situated in a unbelievably beautiful place near Kandy. Kandy was the ancient capital of Sinhala. The high esteemed Tooth Relic Monastery and the palace of King is situated in Kandy. But I was mostly attracted to the beauty and greenery of this university. The university reminds me of the ancient ‘gurukul’ of Aryan period when pupils stay at their mentor’s house and learnt their trade within the nature. I have captured some pictures of the University Campus. But I must tell you I could not capture the true beauty. I am unaware of the academic excellence of the institute. But I decided that I should come here for a short course at least. Note: After returning home, I have searched for the academic profile of the University and found out that it is the second ranked university in Sri Lanka after University of Colombo. I wish I could study there. Tags : Travel, Sri Lanka, Photography, Nature, Building ...

Visiting deep inside the Sundarbans & spent days with Bawali - Episode #09

In the last October-November I visited Sundarbans, the world's one of the largest mangrove forest. It was also declared as world heritage site by UNESCO in 1997. In this forest a numerous wildlife species exist - birds, reptiles, fishes, amphibians and also the king of the forest "Royal Bengal Tiger". The ganges dolphins & crocodiles are also living in the canals of Sundarbans. Chital is a one kind of spotted deer living in this forest. The rural life in the area of this coastal forest is also very attractive. They basically maintain their lives by collecting honey, woods and fishes. In the native language they are called as Bawali. I spent some days with them. Here I share some of my tour photographs of Sundarbans and Bawali -- Bawalis are preparing to cook in the jungle Look at the sky through green tree branches and leaves in the jungle Deep Inside The Mangrove forest Sundarbans Camera : SONY Model : DSC-W710 Location : Sundarbans, West Bengal, India Sna...

Search This Blog