A newly-patched vulnerability in Bitcoin Core was far more severe than initially revealed, developers disclosed in an updated statement on Thursday.
Google Alert – bitcoin
- If you are running Electrum, shut it down right this second.
- Upgrade to 3.0.4 (making sure to verify the PGP signature).
You don't necessarily need to rush to upgrade. In fact, in cases like this it can be prudent to wait a while just to make sure that everything is settled. The important thing is to not use the old versions. If you have an old version sitting somewhere not being used, then it is harmless as long as you do not forget to upgrade it before using it again later.
If at any point in the past you:
- Had Electrum open with no wallet passphrase set; and,
- Had a webpage open
Then it is possible that your wallet is already compromised. Particularly paranoid people might want to send all of the BTC in their old Electrum wallet to a newly-generated Electrum wallet. (Though probably if someone has your wallet, then they already would've stolen all of the BTC in it…)
This was just fixed hours ago. The Electrum developer will presumably post more detailed info and instructions in the near future.
Update 1: If you had no wallet password set, then theft is trivial. If you had a somewhat-decent wallet password set, then it seems that an attacker could "only" get address/transaction info from your wallet and change your Electrum settings, the latter of which seems to me to have a high chance of being exploitable further. So if you had a wallet password set, you can reduce your panic by a few notches, but you should still treat this very seriously.
submitted by /u/theymos
Bitcoin – The Currency of the Internet
Dear Coinbase user, We are notifying you because you currently, or have previously, used the Authy app to protect access to a Coinbase account. Due to a recent increase in sophisticated attacks targeting Coinbase users, we are taking extra precaution to protect your account. In combination with social engineering and password theft, attackers are porting phone numbers (also known as SIM swapping). Once they fraudulently gain control of a user’s phone number, attackers can add new devices to…
A lot of advanced Bitcoin users rely on a Linux distribution to keep their wallet safe. That is not a bad idea, considering the Windows operating system …
Google Alert – bitcoin