When a user logs into their wallet and attempts to send BTC to an address, they receive an ‘official look’ message saying they have to update to the latest version of their Electrum wallet, followed by a GitHub link.
The first user who reported the hack noticed that the link was strange for 2 reasons:
It was not the official link from the Electrum site.
The link is only allowed to be copied / pasted in their browser window.
The user copied the link and downloaded the app. The user logged in again after downloading the app and the system asked them for their 2-factor authentication (Electrum usually only asks this when a user tries to send funds to a recipient).
The user made several attempts to send his BTC and each time he received an error message saying, “Max fee did not exceed 50 sat / B.” Only when they decided to restore their wallet to another PC did they realize that their entire balance was transferred to a weird address.
The user also reported that they were unable to download Electrum from their official website, which means that Electrum has been attacked by DDOS. The latest reports show that the hacker has stolen funds from many other victims such as this user and has so far stolen up to $ 1 million, which is now consolidated in this address:
Hacking incidents like this are widespread in crypto space and contributed to nearly $1 billion in cryptocurrencies stolen in 2018 alone. The biggest problem is not the safety of the blockchain itself, but the lack of sophistication of users who use crypto wallets. Many are new to the space and often fail to identify the different traps that intelligent hackers set up to steal their funds and information.
Links to copy paste or apparently random requests to update your wallet are clear signs that something can be stopped and that you should avoid further proceedings until you can verify who makes the request.