A critical vulnerability was just found on Electrum Bitcoin Wallet

What's this vulnerability ?

Just one day ago a Github user taviso reported a serious vulnerability in Electrum Bitcoin Wallet. This is a very serious security bug which allows an attacker to steal your Electrum wallet seed via a simple browser and java script. The attacker can only steal your seed if you left your wallet unprotected without encrypting it.

How does it work ?

On the Electrum's github issue page he shows how it is possible to steal Electrum wallet seed --

He Installed Electrum 3.0.3 on Windows.
Created a new wallet with all default settings. He left the wallet not encrypted with password- the default setting.
Visited in Chrome. Now, it's time to guess the right port number. He used JSON RPC server by default. It does use a random port but a website (run by an attacker) can simply scan for the right port in seconds.
After a few seconds he succeeded to guesses the right port, and then an alert() appeared with: seed: {"id": 0.7398595146147573, "result": "pony south strike horror throw acquire able afford pen lunch monster runway", "jsonrpc": "2.0"}

Am I at risk ?

Yes, you're at risk if you're currently using 3.0.3 or, any older version of Electrum Wallet. And the most important thing is that if you're using your Electrum wallet without encrypted it with password.

How to fix this issue ?

Electrum developer team is very aware of this serious vulnerability and has just provided a solution.
Electrum has just released a newer version with this vulnerability fixed. Everyone ... please, download the newer version 3.0.4 from their official website. And must check the PGP signature:

Download newer version 3.0.4 : https://electrum.org/#download

Release notes : https://github.com/spesmilo/electrum/blob/3.0.4/RELEASE-NOTES

Release notes of Electrum Wallet Version 3.0.4

Release 3.0.4 : (Security update)

Fix a vulnerability caused by Cross-Origin Resource Sharing (CORS)
in the JSONRPC interface. Previous versions of Electrum are
vulnerable to port scanning and deanonimization attacks from
malicious websites. Wallets that are not password-protected are
vulnerable to theft.
Bundle QR scanner with Android app
Minor bug fixes

Tags : Bitcoin, Cryptocurrency, Blockchain, Security, News, Hacks,

This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit

$3 Donation [Fixed]

Donate

$Any Amount

Comments

Amazing arts by unknown artists - Series #27

I captured all these art photographs in the Kolkata Book Fair, 2018. I tried to know the original artists of these awesome arts, but, failed. Enjoy this awesome arts. All credits goes to the unknown artists :) To Be Continued.. Previous Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 Tags : Art, Drawing, Fine arts, Painting, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Kno...

The Real Face Of India - Episode 113

The Real Face Of India - Episode#113 I believe that India is the most beautiful country in the world. In this series I show the real face of beautiful India. Half Dozen Photos of Natural Beauties Snap taken : 22 Jan 2018 Camera : SONY, Model : DSC-W710 Other Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 , Episode#33 , Episode#34 , Episode#35 , Episode#36 , Episode#37 ,...

Monkeys playing in a tree - Shot#4 [Last shot]

A few monkeys playing in a tree......... Camera : Xiaomi Model : 2014818 Location : Dakshineswar, West Bengal, India Snap Taken : 06 Jan 2018 Tags : Animals photography, Photography, Wildlife, Wildlife photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

Great Festival Durga Puja 2017 Episode 17

Durga Puja is our great festival. We celebrate every year in the month of September/October. It refers to all the five days observed as Shashthi, Maha Saptami, Maha Ashtami, Maha Nabami & Bijaya Dashami. In these days our city Kolkata wears glamorous attire & illumination . I framed some moments on my camera -- [To be continued...] Previous Episodes : Episode#1 , Episode#2 , Episode #3 , Episode #4 , Episode#5 , Episode #6 , Episode #7 , Episode #8 , Episode #9 , Episode #10 , Episode #11 , Episode #12 , Episode #13 , Episode #14 , Episode #15 , Episode #16 Tags : Art, Durga Puja, Festival, Photography, Religion, Sculptures, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Cl...

One Black & White Photograph Daily for 30 days - Day #30

In front of a park, a jackfruit tree & a row of palm trees Camera : Nokia Model : N78 Location : Kolkata, West Bengal, India Snap Taken : 25 May 2009 Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

One Black & White Photograph Daily for 30 days - Day #25

green yard - behind of my village home Camera : Xiaomi Model : 2014818 Location : Bongaon, West Bengal, India Snap Taken : 14 March 2016 Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

Amazing arts by unknown artists - Series #33

I captured all these art photographs in the Kolkata Book Fair, 2018. I tried to know the original artists of these awesome arts, but, failed. Enjoy this awesome arts. All credits goes to the unknown artists :) To Be Continued.. Previous Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 Tags : Art, Drawing, Fine arts, Painting, Photography, This Post Was Published On My Steemit Blog . Please, navigate t...

What I Learnt Today : 10 Unknown Amazing Facts About Animals - Part CXXV

image credit (1) The praying mantis is the only insect that can turn its head 360 degrees. (2) Tigers can see 6 times better at night than humans. (3) Dragonflies and damselflies form a heart with their tails when they mate. (4) Macaques in Japan use coins to buy vending machine snacks. Tiger image credit (5) Dik-dik is one kind of tiny antelope that lives in East Africa, Namibia and Angola. (6) The brain of a cockroach is inside its body. If a roach loses its head it can still live for over a week, eventually dying because it can not eat. (7) Gorillas can catch cold and are affected by other human viruses as well. Macaques in Japan use coins to buy vending machine snacks Gorillas image credit (8) There is a shark called ‘goblin shark’ which has only been seen around 50 times since its discovery in 1897. (9) Cows have actually four stomachs. (10) Seahorses mate for life, and when they travel they hold each others’ tails. Seahorse Gob...

Amazing arts by unknown artists - Series #30

I captured all these art photographs in the Kolkata Book Fair, 2018. I tried to know the original artists of these awesome arts, but, failed. Enjoy this awesome arts. All credits goes to the unknown artists :) To Be Continued.. Previous Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 Tags : Art, Drawing, Fine arts, Painting, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my ...

The Real Face Of India - Episode 114

The Real Face Of India - Episode#114 I believe that India is the most beautiful country in the world. In this series I show the real face of beautiful India. Half Dozen Photos of Natural Beauties Common water hyacinth . Scientific name: Eichhornia crassipes. Water hyacinth is a free-floating perennial aquatic plant (or hydrophyte) native to tropical and sub-tropical areas. Snap taken : 22 Jan 2018 Camera : SONY, Model : DSC-W710 Other Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 ,...

Search This Blog