An Electrum wallet with a backdoor has been spotted in the wild by ConfiantIntel. They noticed that it’s another example of a piece of malware notarized by Apple. Link to tweet thread below.
These fake wallets were introduced during a Malvertising attack our security team discovered early this week, involving the hacking of a Major SSP. The hackers redirected the victims to https://electrum-4.github[.]io/ asking them to install an update of the electrum wallet.
In a separate tweet, it looks like one of Patrick Wardle’s tools can detect it.
Check It Out: Mac App Electrum Wallet With Backdoor Spotted in Wild