A critical vulnerability was just found on Electrum Bitcoin Wallet

What's this vulnerability ?

Just one day ago a Github user taviso reported a serious vulnerability in Electrum Bitcoin Wallet. This is a very serious security bug which allows an attacker to steal your Electrum wallet seed via a simple browser and java script. The attacker can only steal your seed if you left your wallet unprotected without encrypting it.

How does it work ?

On the Electrum's github issue page he shows how it is possible to steal Electrum wallet seed --

He Installed Electrum 3.0.3 on Windows.
Created a new wallet with all default settings. He left the wallet not encrypted with password- the default setting.
Visited in Chrome. Now, it's time to guess the right port number. He used JSON RPC server by default. It does use a random port but a website (run by an attacker) can simply scan for the right port in seconds.
After a few seconds he succeeded to guesses the right port, and then an alert() appeared with: seed: {"id": 0.7398595146147573, "result": "pony south strike horror throw acquire able afford pen lunch monster runway", "jsonrpc": "2.0"}

Am I at risk ?

Yes, you're at risk if you're currently using 3.0.3 or, any older version of Electrum Wallet. And the most important thing is that if you're using your Electrum wallet without encrypted it with password.

How to fix this issue ?

Electrum developer team is very aware of this serious vulnerability and has just provided a solution.
Electrum has just released a newer version with this vulnerability fixed. Everyone ... please, download the newer version 3.0.4 from their official website. And must check the PGP signature:

Download newer version 3.0.4 : https://electrum.org/#download

Release notes : https://github.com/spesmilo/electrum/blob/3.0.4/RELEASE-NOTES

Release notes of Electrum Wallet Version 3.0.4

Release 3.0.4 : (Security update)

Fix a vulnerability caused by Cross-Origin Resource Sharing (CORS)
in the JSONRPC interface. Previous versions of Electrum are
vulnerable to port scanning and deanonimization attacks from
malicious websites. Wallets that are not password-protected are
vulnerable to theft.
Bundle QR scanner with Android app
Minor bug fixes

Tags : Bitcoin, Cryptocurrency, Blockchain, Security, News, Hacks,

This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit

$3 Donation [Fixed]

Donate

$Any Amount

Comments

Before A Heavy Rainfall

I clicked at the exact time ; after about 5 minutes rain started Location : Dakshineswar, Kolkata Snap taken : 02 August 2016 Camera : Xiaomi ; model - 2014818 Tags : Photography, Nature, Landscape photography, Flowers & Plants photography, Sky, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

One Black & White Photograph Daily for 30 days - Day #25

green yard - behind of my village home Camera : Xiaomi Model : 2014818 Location : Bongaon, West Bengal, India Snap Taken : 14 March 2016 Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

Seven Day - Black & White Challenge: [Day #07]

Seven day black & white challenge: [Day #07] Some simple rules must be obeyed to be eligible in this contest • Seven black and white images that represent an aspect of your life. • Present one image every day for seven days. • No people. • No explanation. • Nominate someone every day, but anyone can join the fun. • Use the tag - #sevendaybnwchallenge - as one of your five tags. My Today's Nomination : @chireerocks Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

Monkey, Tree & Temple

Just Outside The Dakshineswar Kali Temple Location : Dakshineswar, Kolkata Snap taken : 02 August 2016 Camera : Xiaomi ; model - 2014818 Tags : Photography, Animals photography, Wildlife photography, Building & Architecture, Flowers & Plants photography, Nature, Landscape photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

HOW GOOGLE'S NEW A.I. MICROCHIPS TAKE A PAGE FROM BITCOIN MINERS

Yesterday at Google’s I/O developers conference , CEO Sundar Pichai briefly spoke about a custom-built chip that helps give Google its edge in machine learning and artificial intelligence. The chip, dubbed a TPU or Tensor Processing Unit (in keeping with Google's A.I. platform TensorFlow ), is specifically wrought for running Google’s decision-making algorithms. Most companies like Facebook and Microsoft use GPUs for their machine learning and artificial intelligence.But Pichai’s speech and the accompanying blog post only reveal a few details about TPUs. About the only useful thing we know about the chip is that it’s an ASIC, or application-specific integrated circuit. ASIC chips aren’t bought off the shelves, but designed specifically to do one task very well without using a lot of power. They’re used in applications that never change, like the controlling how a phone battery charges. .............................. [ read full story ] Ta...

The Real Face Of India - Episode 133

The Real Face Of India - Episode#133 I believe that India is the most beautiful country in the world. In this series I show the real face of beautiful India. Half Dozen Photos of Natural Beauties Snap taken : 21 Mar 2018 Camera : SAMSUNG, Model : SM-A310N0 Other Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 , Episode#33 , Episode#34 , Episode#35 , Episode#36 , Episod...

Newslink: Zimbabwe Unleashes New Dollar-Pegged Currency, Should Switch to Bitcoin Instead

Zimbabwe Unleashes New Dollar-Pegged Currency, Should Switch to Bitcoin Instead image credit Zimbabwe has begun printing bond notes, allegedly pegged to the US dollar, as a means to curb inflation, as other countries turn to Bitcoin. In a resurrection of the African country’s currency not seen in seven years, the central bank is attempting to restart a Zimbabwean national currency, while simultaneously preserving its value from inflation. The new bond notes are pegged to the U.S. dollar, allegedly backed by a $200 million bond facility with Afreximbank, as a safeguard against rapidly losing its value to hyperinflation, as was the case with the nation’s last currency. Read full story on cointelegraph website Tags : Bitcoin, Cryptocurrency, Economics, Money, News, Crypto Markets, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click He...

Close Shot - Red Chili (Chili pepper)

Red Chili is one kind of fruit of plants from the genus Capsicum and species Frutescens. So, it's scientific name is Capsicum Frutescens . They are vastly used in all kinds of bengali curry and spicy dishes. They are also used in many cuisines to add spiciness to dishes. Nutrition Facts [per 100 gm] Total Calories 35 Fat 0% Cholesterol 0% Sodium 0% Potassium 10% Carbohydrate 2% Dietary fiber 6% Sugar 0% Protein 3% Vitamin A 19% Vitamin B-6 25% Vitamin C 240% Iron 5% Magnesium 5% Calcium 1% [Source of Nutrition info : wikipedia ] Location : Barasat, Kolkata, West Bengal Snap taken : 14 March 2018 Camera : samsung; model - SM-A310N0 Tags : Photography, Nature, Fruits, Fruits photography, Macro Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] ...

One Black & White Photograph Daily for 30 days - Day #24

an unknown bird singing on my friend's window Camera : SAMSUNG Model : GT-I8262 Location : Bongaon, West Bengal, India Snap Taken : 23 february 2015 Tags : Black & White Photography, Photography, Birds, Birds photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

What I Learnt Today : 10 Unknown Amazing Facts About Animals - Part CXXXIII

image credit (1) Japanese Macaques make snowballs for fun. (2) The chevrotain is an animal that looks like a tiny deer with fangs. (3) Turritopsis nutricula Immortal jellyfish is the only species known to live forever. (4) One million stray dogs and 500,000 stray cats live in New York City metropolitan area. Turritopsis nutricula Immortal jellyfish image credit (5) Nine-banded armadillos always give birth to identical quadruplets. (6) The flying frog uses flaps of skin between its toes to glide. (7) It takes a sloth two weeks to digest its food. Nine-banded armadillo flying frogs image credit (8) A narwhal tusk is actually an exaggerated front left tooth, and unlike most teeth, it's soft and sensitive on the outside with a tough interior. (9) Humpback whales create the loudest sound of any living creature. (10) The slowest mammal on earth is the tree sloth. It only moves at a speed of 6 feet (1.83 meters) per minute. slot...

Search This Blog