Malware (and other avenues of losing money)
Bitcoin (when used as intended) is non-custodial money. With fiat in a bank (custody), the bank is responsible for safe-guarding it. With bitcoins, the user is responsible for safe-guarding it.
Electrum is non-custodial wallet software, meaning the software installed on the user’s computer has complete and exclusive control over all funds. For example, the developers cannot access/move/see your coins.
However, this model makes bitcoin users prime targets of malware: compromising the user’s computer can lead to stealing all their bitcoins.
i.e. downloading (clone of) Electrum from unofficial source
Attackers often clone our website and host it on lookalike fake domains. They then pay for Google ads to advertise their fake domains.
The official Electrum project does not pay for Google ads.
When users search “electrum” on Google, they see the malicious ads, click them, go to the lookalike website, download malicious clones of Electrum, and run it. When running the malware, “Electrum” seemingly opens and the user enters their password to open their wallet file. At that point, the software broadcasts a transaction sending all money out, and/or uploads the seed words to a remote server.
Signs of compromise: if you see a transaction in your wallet history that you do not recognise, AND that transaction moves all your coins AND your wallet balance is now zero (shown in bottom left corner), then you might have downloaded malware that stole your coins.
Defense: users should only download Electrum from the official website (and verify GPG signatures).
A clipboard hijacker a simple external program (virus) that monitors the user’s clipboard: every time the clipboard changes, it checks if it is a bitcoin address, and if so, replaces it with another bitcoin address that belongs to the attacker.
The idea is that usually a bitcoin address being copied means the user is going to paste it to a wallet right away and send money there.
Signs of compromise: if you copy a bitcoin address and then paste it to a text editor, a different address gets pasted.
Defense: users should preview (and confirm details of) any transaction they sign before signing it.
i.e. having other malware present on computer that accesses wallet file or RAM and steals your seed words
When using a “standard wallet” in Electrum on a PC, any (sufficiently privileged) other program on that same PC might get access to the wallet file and try to steal the seed words. More advanced attacks might dump the main memory (RAM) and find the seed words or private keys or the wallet password (given the right timing).
Posing as support
i.e. posing as “support” on forums (social engineering)
If you post on reddit/bitcointalk/etc, attackers might reply or send a private message claiming to be “Electrum support” or “customer service”. They might then ask you to download a new version of Electrum and give you a link, or ask for your seed words.
There is no customer service. These are scams. Be vigilant.
Any support provided is always in public.
Backup accessed by flatmate/etc
The seed/private keys should not be stored digitally, but instead preferably on paper. Paper cannot be hacked.
Be mindful of where you keep your backups (written down seed words). E.g. a roommate might find a piece of paper and move your coins.
Taking a photo of your seed, and especially uploading that photo to cloud storage, is asking for trouble. So is generating/entering the seed in a public place.
Planted wallet file
An attacker might copy their wallet file onto the victim’s computer. The next time the victim runs Electrum, it is the attacker’s wallet that gets opened. If the victim does not notice and generates an address to receive on, any incoming funds will go to the attacker’s wallet.
This attack can even be done before Electrum is installed at all. The attacker places their wallet file where Electrum would expect to find it, and leave it there for months/years until the user downloads Electrum.
Defense: use password-protected encrypted wallet files and be suspicious if you were not required to enter the password to open the wallet.
Defense, best practices
In increasing order of complexity:
only download Electrum from the official website
password-protect wallet files (using built-in methods)
verify GPG signatures (of the downloaded Electrum executable, before running it for the first time)
don’t use hot wallets for large amounts of money
double-check recipient addresses and amounts using a second/trusted source, before signing. check the address:
on the screen of each multisig cosigner
on the screen of the hardware signer
on the screen of the offline signer computer
Help! My coins have been stolen!
Bitcoin transactions are irreversible, so in case of theft, there is unfortunately nothing the developers (or anyone) can do to recover the money.
If you know how the attack worked, you are welcome to tell the developers. It is useful for us to know about the type and number of attacks, to try to prevent or mitigate future attacks. If the stolen amount is substantial enough, consider reporting the theft to the police.
If you think what happened might have resulted from a bug (and not malware), we ask you open a bug report.
Can I keep using the wallet?
If your coins got stolen, you must not keep using your existing wallet (the same seed words). If you send more coins into your wallet, those too will likely get stolen.
You should wipe/format your computer and do a fresh re-install of the OS.
Then you can download Electrum again (from the official website!).
Then you need to create a new wallet, as in, generate a new seed.
My anti-virus has flagged Electrum as malware!
See the relevant FAQ section.