Electrum doesn’t require the user to download the full blockchain, but its servers remotely provide users with the blockchain, and they access it through their wallet. That being said, malicious servers were added to the Electrum wallet network. Thus, when users attempted a Bitcoin transaction, which reached one of these illegitimate servers, the user received a message within the wallet application instructing them to download and install an update. The message led unsuspecting uses to the hacker’s GitHub page.

The resulting download was actually malware disguised as a new version of the Electrum wallet. The installed programme asked users to enter their two-factor authentication codes, hence allowing the attackers to use the authentication codes and steal Bitcoin by transferring funds to their own Bitcoin address.

Electrum has since modified its software and released an update but, they mentioned Electrum wallet users should remain vigilant as the hackers have persevered and adjusted their efforts over the last week, so new attacks are likely. The company also warned its users to only download software from electrum.org.