Electrum

A vulnerability has been detected within the application. Electrum, used by cryptocurrency sites to store bitcoin. The vulnerability reportedly concerns the’JSONRPC interface which allows Electrum developers to open the application to other software. The interface in question was reportedly left exposed on the internet, allowing attackers to interact with it and then execute the necessary commands to transfer funds from an Electrum wallet.The Electrum team has released a patch (version 3.0.5) and alerted its users to the need to update their Electrum wallet as soon as possible.

Going further (technical article)

BlackWallet

The website BlackWallet.co, a web application allowing users to manage the Stellar Lumens cryptocurrency "XLM", was reportedly hacked on January 14th. The DNS server granting members access to the site appears to have been hijacked. by the attackers in order to redirect victims to their own server. According to Bleeping Computer, 669,920 Lumens were stolen, worth $400,192. To cover their tracks, the hackers reportedly transferred the funds to the Bittrex cryptocurrency exchange platform in order to convert the funds into another cryptocurrency.

Subscribe to our weekly newsletter Threat Landscape to stay up-to-date on security news.