The price of bitcoin plunged Thursday after it was revealed that a bitcoin wallet provider had been hacked.
According to a report today in ZDNet, a hacker or hacking group has stolen at least 200 bitcoin, worth around $720,000, from users of Electrum Bitcoin, an open-source bitcoin client based on a client-server protocol.
Those behind the hack tricked users to download and install a malicious software update. They did so by adding malicious servers to Electrum’s network that if contacted would result in an error message followed by an update client message that linked to an unauthorized GitHub repository.
Once the malicious software was downloaded, users were prompted to provide a two-factor authentication code allowing those behind the hack to transfer bitcoin hosted by the victim to their own bitcoin wallet.
The hackers first targeted Electrum Bitcoin users on Dec. 21. Although GitHub has suspended the repository being used to upload the malicious client, the Electrum administrators think it’s likely that the hackers will try again, either via a new GitHub repository or a link to another download location.
“There is an ongoing attack which is as of now working just against users where servers raise some of the more business and system exceptions when a client broadcasts some of the largest and the wide range of trading and transactions,” told in an interview. “In this case the error text is displayed as is in the client Graphical User Interface. The attacker has spawned a lots of servers on different sort of the /16 IPv4s to increase his chances of being connected to various parts of social media channels and others as well. The error messages are as of now also trying to get the user to download and install malware which has also been disguised as updated versions of electrum.”
The amount stolen so far is relatively small in the history of bitcoin hacks, but the market didn’t take the news well. The price of bitcoin, having already switched back to a bear market following the so-called “Santa Claus rally” last week, plunged again.
Bitcoin was trading at about $3,604 as of 10 p.m. EST, down from a 24-hour high of $3,782 and well down from its weekly high of $4,214 Dec. 24.