Attackers stole 1.4 thousand bitcoins (approximately $16.3 million) from an investor who had kept coins in his wallet since 2017.
A user under the pseudonym 1400 Bitcoin Stolen told on GitHub that he stored the cryptocurrency on the Electrum wallet, where he had not entered since the purchase.
To transfer funds, he installed an old version of the application, but was unable to complete the transaction.
In a pop-up window, he was asked to update the wallet to the latest version for security reasons. After the update, its assets were moved to the attacker’s address.
The investor did not specify if he used the original version of Electrum. Users suggested that the theft was possible due to the lack of timely wallet updates.
The head of Blockstream, Adam Back, suggested that the user could connect to a malicious server, from which a notification was received about the need to update the application.