According to a post on by theymos a vulnerability in the code of the Electrum light wallet might potentially allow a hacker to steal bitcoins from the wallet.

An issue found in the code available on GitHub in version under 3.0.4 are potentially affected.

"...vulnerability was found in the Electrum wallet software which potentially allows random websites to steal your wallet via JavaScript. The bug presumably also affects altcoin derivatives of Electrum such as Electron Cash. If you don't use Electrum or a derivative, then you are not affected and you can ignore this." - theymos

Course of action to repair the issue is as follows:
  1. If you are running Electrum, shut it down right this second.
  2. Upgrade to 3.0.4 (making sure to verify the PGP signature).
Anyone who had a no paraphrase set and had a website open is potentially affected and should also be slapped for not securing the wallet in the first place.

Regardless, it is recommended to update to Version 3.0.3 immediately to continue using Electrum with reduced risk.

If you don't use Electrum then don't worry about it unless you make the decision to use the software in which case, simply install the latest version which was fixed a few hours ago.

[accordion] [item title="Author and Credits"] Article by dinbits
Image Credits: Banner Image by staff

[/item] [item title="Disclaimer"]The opinions expressed by authors of articles linked, referenced, or published on do not necessarily express, nor are endorsed by, the opinions the of or its affiliates. Please review the Terms of Use for more information.[/item] [/accordion]

Post a Comment

Powered by Blogger.