Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Electrum
Re: There has been an increased number of "fake" electrums out there, be careful.
by
kano
on 30/12/2018, 11:57:35 UTC
Quote from: Abdussamad on December 30, 2018, 11:42:56 AM
Quote from: kano on December 30, 2018, 07:14:34 AM
Quote from: pooya87 on December 30, 2018, 03:31:35 AM
Quote from: rokkyroad on December 29, 2018, 09:45:17 PM
This latest hack is particularly disturbing and it scared the crap out of me.  Hard to trust anything you download anymore.

it has never been hard and it will never be hard only if you know what you are doing!

in this case it is a very simple matter of understanding what PGP means and how it works. so even if you by any chance download a fake wallet, knowing how PGP works you try verifying its signature and when it fails you simply don't trust or install it!

understanding PGP means knowing how to verify signatures and more importantly understanding the concept of https://en.wikipedia.org/wiki/Web_of_trust so that you don't naively trust any public key you see.
It didn't require a fake wallet - it happened with the official PGP signed wallet.

The message appeared on the legit wallet but it was just text. It was harmless. Only people who reacted to it by downloading the software linked in the text and not verifying that software suffered losses. So the real electrum didn't steal from them. It was the fake software that people went out of their way to download and use.
Yes we all know this - it has been stated a number of times before.

Indeed the Official Electrum displayed an update notice and link, to a verified github, that when installed, meant you lost your Bitcoins
... and literally millions of dollars of Bitcoins have been lost due to people trusting that messages posted by the official Electrum wallet would be valid ...