• Team Todayq

Electrum Botnet Steals $4.6 Million In Bitcoin, Cryptocurrencies.

The botnet attacking Electrum has grown to 152,000 infected computers and has now stolen $4.6 million in cryptocurrencies such as Bitcoin, according to Malwarebytes.

Malwarebytes states that it has been “closely monitoring” the attack against the Electrum Bitcoin wallet.

The company explains how the botnet came about:

“Victims were being tricked to download a fraudulent update that stole their cryptocurrencies,” explained Malwarebytes.

Later on, the threat actors launched Distributed Denial of Service (DDoS) attacks in response to Electrum developers trying to protect their users.

The phishing attempt’s first iteration came as a “security update” but would later evolve as the scam became more complex.

The security update window below is caused by the trojan which is part of the botnet.


On April 24th, the number of infected computers was below 100,000. Then the day after, “the number of infected computers would peak at 152,000,” wrote Malwarebytes.

The botnet’s size can be tracked with this online tool here.


Malwarebytes adds that a second botnet loader has been identified as “Trojan.BeamWinHTTP” that downloads the trojan “transactionservices.exe” — which is the main infected file that seeds the botnet.

The first loader was detected as “ElectrumDosMiner.”

Visualizations of the scale of the botnets were also provided by Malwarebytes.

The second picture below shows the depth of the botnet’s architecture as well as its complexity.


In a detailed blog post on the subject, Malwarebytes claims that the attacks have occurred against the network since 2018 before rising sharply in 2019.

In retaliation for the company’s attempts to fix its own software, the criminals launched a denial of service attack against Electrum’s servers. The attackers were also able to reverse an initial patch by the company by redirecting users to compromised machines that contained the malware.

Known as a “lightweight” wallet, Electrum was chosen for attack because of its simplified architecture, which operates in a client/server configuration. It was this configuration that would eventually allow attackers to compromise the network’s security.

Specifically, attackers took advantage of the fact that anyone could operate on the network as a public Electrum peer. Attackers then launched what’s called a Sybil attack, which introduces compromised nodes into the network. As a result, hundreds of thousands of computers were compromised through the false security update and other means shown at the start of this article.

News Source: Bitcoinist
