coin renders

Use our news to inform cryptocurrency trading decisions, stay up-to-date on happenings in the industry, and more!

Gemini To Become First BitLicensed Exchange To Offer Trading in Zcash
The New York State Department of Financial Services has authorized Gemini Trust Company to offer trading of Zcash, Litecoin and Bitcoin Cash. Tyler Winklevoss, Chief Executive Officer of Gemini Trust Company, LCC said, “We are proud be the first licensed exchange in the world to offer Zcash trading and custody services and look forward to providing customers with a safe, secure, and regulated place to buy, sell, and store Zcash, an incredible new form of digital cash.”

Crypto Mining Company Coinmint Moving To Revamp 1,300 Acre Alcoa Plot
Once used for aluminum smelting, an Alcoa plant in Upstate New York is going to be converted into one of the world’s largest bitcoin mining centers. CNBC reports Coinmint said Tuesday it “would invest up to $700 million in the upstate New York location, which it expects to be the biggest bitcoin mining center in the world. The project will create an estimated 150 jobs over the next 18 months.”

Cryptocurrency Theft Malware Now An Economy Worth Millions
According to a new research report titled “Cryptocurrency Gold Rush on the Dark Web” by Carbon Black, the market for malware and tools designed for the theft of cryptocurrency is growing swiftly. ZDNet states, “The researchers estimate that over the past six months alone, a total of $1.1 billion has been stolen in cryptocurrency-related thefts, and approximately 12,000 marketplaces in the underbelly of the Internet are fueling this trend.”

Image courtesy of Carty Sewill, http://cartyisme.com/.

coin renders

Use our news to inform cryptocurrency trading decisions, stay up-to-date on happenings in the industry, and more!

The SEC Launches Phony ICO Site to Promote Scam Awareness
In a bid to raise awareness of potential investment scams in the cryptocurrency space, the U.S. Securities and Exchange Commission’s (SEC) Office of Investor Education and Advocacy have launched a fake website posing as a luxury travel firm kicking off the pre-sale portion of their initial coin offering (ICO).

Cryptocurrency Mining Malware Crashes Your PC When Discovered
Please beware: a new form of cryptominer, dubbed WinstarNssMiner, crashes your system the moment anti-virus software attempts to remove the malware. ZDNet warns “The cryptominer launches the svchost.exe process — used to manage system services — and injects malicious code into the file. One injected process begins mining cryptocurrency while the other runs in the background to avoid detection and scan for antivirus protection.”

Steve Wozniak: Bitcoin And Blockchain Will Achieve Full Potential In a Decade
Tech leaders everywhere are beginning to sing the praises of blockchain. Apple’s co-founder Steve Wozniak was the latest, saying blockchain was “a great idea” and that it “is the next major IT revolution that is about to happen” according to Cointelegraph auf Deutsch. Woz was giving the opening speech at WeAreDevelopers World Congress 2018 in Vienna, Austria.

China Ranks Ethereum as the World’s Best Blockchain Network
The Chinese government ranked Ethereum as the world’s best blockchain network. CCN reports “On May 17, China’s Ministry of Industry and Information Technology released its public blockchain ratings, ranking various blockchain projects like Ethereum in the global cryptocurrency sector based on three criteria: technology, application, and innovation.” Bitcoin came in at number 13.

Entirely Crypto-Focused LedgerX Announces the First Regulated Bitcoin Savings Account
“Bitcoin bulls now have a new opportunity to put their money where their sentiment is. On Tuesday, CFTC regulated derivatives exchange, LedgerX, launched a Bitcoin savings account, the latest in a slew of traditional banking products made available for the digital currency” as reported by CryptoSlate.

New Coinbase Prime Geared Towards Wall Street Investors
This week Coinbase announced Coinbase Prime, a set of tools and services for institutions, tailored for high-end investing in cryptocurrency.

Image courtesy of Carty Sewill, http://cartyisme.com/

stop

“Due to false accusations from electrum.org, they have ruined our reputation and brand of Electrum Pro. They managed to trick several news outlets to slander us. We decided to go our seperate ways to work on different projects.“

Following the proof released and verified on may 9th, the site hosting the malware Electrum Pro seems to have been voluntarily shut down. A message on the site states Electrum Pro’s reputation has been ruined due to false accusations from electrum.org. The message further states that the domain is up for sale for 25BTC, and provides a contact email.

Claims of ‘False accusations’ by electrum.org

The Electrum Pro team states that they have been falsely accused by electrum.org. This statement is false, as electrum.org provided proof that can be externally verified. BlockExplorer verified this proof itself in its earlier article, in which the malicious wallet was decompiled and the code to steal keys proven to exist. The malicious code even goes so far as to hide its network activity in what looks like normal version analytics. Meaning that a quick glance over the network activity of the wallet could miss the malicious activity.

Further verification that the wallet steals seeds was found by Twitter user Gergely Eberhardt, who in a tweet showed the original code found in the Android app version of the malicious wallet.

It would seem that yes, there are false accusations here. But they are not from electrum.org. Instead, they are from the Electrum Pro team itself.

coin renders

Use our news to inform cryptocurrency trading decisions, stay up-to-date on happenings in the industry, and more!

Electrum Publishes Proof “Electrum Pro” is Bitcoin Stealing Malware
Via Twitter yesterday, Electrum promised to publish proof that “Electrum Pro” is bitcoin stealing malware. This morning they published their proof on Github. Members of the community are advising if you used this software to move your coins now. BlockExplorer writer Armin Davis independently verified these claims.

ICO Competition With The Highest Prize Ever
This year ICO Engine is hosting an ICO Race 7 June, 2018 in Palazzo dei Congressi, Lugano. “Each ICO will have a 10-minute pitch in front of a qualified panel of judges who will make their evaluation based on: Solution of the problem, Business and Token sale model, Token Sale terms, Team, Pitch.” They go on to say, “ICOs will be ranked based on the evaluation given by the judges. Prizes are intended as purchase of the company’s tokens at the private sale price.” ICOs can register to be a part of the competition here.

Microsoft is Serious About Blockchain With Major Announcements and PRs
Despite the recent negative statements made by Bill Gates about Bitcoin, Microsoft’s interest in blockchain has been growing. Take this Microsoft Azure press release for example, “Simplifying blockchain app development with Azure Blockchain Workbench“. Microsoft’s Azure team is also now participating in NY Blockchain Week, according to WeTalkCoins.com.

Facebook’s New Blockchain Team Will Be Led by Coinbase Board Member David Marcus
Social media conglomerate Facebook has announced that it is establishing a new blockchain research team, according to BlockExplorer’s David Murray, and it will be led by a member of the Coinbase board of directors: David Marcus.

Image courtesy of Carty Sewill, http://cartyisme.com/

hack

“We now have proof that “Electrum Pro” is bitcoin-stealing malware. The sha256sum of ElectrumPro-4.0.2-Standalone.zip  is f497d2681dc00a7470fef7bcef8228964a2412889cd70b098cb8985aa1573e99. This hash can be confirmed independently using http://archive.org .”

On May 8th, @ElectrumWallet sent a tweet indicating that ‘ElectrumPro’ was malware, and that proof of this claim would follow. Another tweet that contained the proof referenced was sent by @ElectrumWallet a few hours later.

“Here is a verifiable proof that “Electrum Pro”, a fake version of @ElectrumWallet, is in fact Bitcoin-stealing malware: [ https://github.com/spesmilo/electrum-docs/blob/master/decompiling_guide.md ]”

Link changed to a direct GitHub link

The Proof

The proof given is a step by step guide to decompiling the python based binary. The proof claims that within the binary, where the seeds are created, an additional step exists which uploads the seed to electrum(dot)com. The official website for the Electrum wallet is electrum.org, which we can be sure of due to its link on the external site bitcoin.org.

In order to verify the claims, I followed the steps outlined. To begin I downloaded the zip file for Electrum Pro, and verified the hash of my file matched the one referenced in the proof:

Mine:   f497d2681dc00a7470fef7bcef8228964a2412889cd70b098cb8985aa1573e99
Theirs: f497d2681dc00a7470fef7bcef8228964a2412889cd70b098cb8985aa1573e99

The files are identical, meaning that I should see the same data further on that is stated in the proof, so long as it is true.

Following the steps, I extracted the zip file (in my case with unzip, rather than 7za), and extracted the pyc files from the .exe inside the zip. Once I extracted the pyc files, I decompiled them using uncompyle6 and found the following python 3 code:

The above code is the same as what is shown in the proof provide by @ElectrumWallet. And as such, I can externally verify that Electrum Pro contains the lines referenced in the proof.

What does this mean?

It is now proven that Electrum Pro steals wallet seeds on creation. Meaning that any coins stored in a wallet created with this tool are accessible to anyone with access to electrum(dot)com. If you mistakenly used this wallet, you should move your coins to a secure wallet as soon as possible.

How to avoid malware like this in future

When installing wallets, verify on every step that what you’re doing is correct. Make sure that URLs are correct, confirm said URLs with external sources if possible, and always verify hashes and signatures. In Electrum’s case, for signatures, all official binaries are signed with ThomasV’s PGP key. To verify other wallets, you should be able to use the keys and hashes provided on the wallet’s home page. This may seem like a lot of work, but it’s worth it to keep your coins secure.

Verify everything.