The dogs are working, sadly the underground dogs. Electrum (Bitcoin), Electron Cash (Bitcoin Cash) and Electrum-LTC (Litecoin) users are currently at risk, while more and more hackers are switching to Monero in the meantime.
Attackers can currently use a website to steal your entire wallet, and it is also possible to deanonymize users. Affected versions:
- Electrum v2.6 up to 3.0.4
- All Electron Cash versions, including 3.1.1
- All Electrum-LTC versions, including 3.0.5
On Monday, all three projects released a corrected version which should close this hole. It is strongly recommended to update your client, and to close your current wallet ASAP until you have installed the fixed version.
The cause of this serious problem was a flaw in the JSON-RPC server: each time a user started the wallet, a CGI was started with it (regardless of whether only the GUI was used), which allowed attackers to capture its traffic because the RPC interface is unprotected.
An attacker can check the current wallet status and the Master Public Key (MPK, xpub), steal the wallet seed and transfer the money to another wallet. The developer says you should create another wallet right now with a strong password; this could help, at least for now.
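To make the "unprotected RPC interface" point concrete, here is an added example (not code from Electrum or its forks) of a loopback JSON-RPC stub that answers any caller when no credentials are configured and rejects unauthenticated callers once they are. HTTP Basic authentication is an assumed protection, and all names, the method name and the result value are hypothetical placeholders.

```python
import base64, hmac, json, threading
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler, HTTPServer

def basic(user, password):
    """Build an HTTP Basic Authorization header value."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def make_server(user=None, password=None):
    """Start a loopback JSON-RPC stub on a free port.
    Without credentials it behaves like an unprotected interface;
    with them, every request must present the matching header."""
    expected = basic(user, password).encode() if user is not None else None

    class Handler(BaseHTTPRequestHandler):
        def do_POST(self):
            # Read the body first so the socket is drained before replying.
            length = int(self.headers.get("Content-Length", 0))
            body = json.loads(self.rfile.read(length) or b"{}")
            got = self.headers.get("Authorization", "").encode()
            # Constant-time comparison avoids leaking the secret via timing.
            if expected is not None and not hmac.compare_digest(got, expected):
                self.send_response(401)
                self.send_header("WWW-Authenticate", 'Basic realm="rpc"')
                self.end_headers()
                return
            # Constructed placeholder; a real wallet would answer the call here.
            reply = json.dumps({"id": body.get("id"), "result": "PLACEHOLDER"}).encode()
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
            self.send_header("Content-Length", str(len(reply)))
            self.end_headers()
            self.wfile.write(reply)

        def log_message(self, *args):  # keep the demo quiet
            pass

    srv = HTTPServer(("127.0.0.1", 0), Handler)  # port 0: the OS picks a port
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def call(port, auth=None):
    """POST one constructed JSON-RPC request; return the HTTP status code."""
    headers = {"Content-Type": "application/json"}
    if auth:
        headers["Authorization"] = basic(*auth)
    conn = HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("POST", "/", json.dumps({"id": 1, "method": "example_method"}), headers)
    status = conn.getresponse().status
    conn.close()
    return status
```

Binding to 127.0.0.1 alone does not protect the interface, since any local process can still reach the port; the per-request credential check is what separates the two cases.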