Whether it is a core wallet or electrum wallet It is very essential that that you perform a backup before updating or making any changes to your wallet. In electrum wallet all you need to backup is your electrum wallet seed phrase and additionally the wallet file. Once you are certain that you have the mnemonic seed of your wallet you can go ahead and delete your current wallet. Then download the latest version, install it and then restore it using your seed keys. Or you don’t have to delete the current wallet, just download the latest package and install, it will automatically replace your old wallet with the new version. It is as simple as that.
Upgrading electrum wallet is very easy and here in this beginners guide we’ll show you how to upgrade your electrum Bitcoin wallet from version xxx to version xxx. We’ll walk you through all the steps from download to verification to installing the latest version. But before we get into that or before you go ahead and click any link or download the wallet software here is something that you must need to know.
Electrum wallet phishing attack
Most of you who are using electrum wallet should be aware about this hack. This happened in late December 2018.
A user tried to send a transaction from their electrum wallet. Suddenly they received a popup message in their client stating “Error sending transaction”. “Security update required – Transaction can only be sent after applying the update. Please visit this link to download electrum wallet version xxx”.
The user then clicked the GitHub URL, downloaded the upgrade and installed the package. Then upon opening the wallet they suddenly noticed that all of their Bitcoins have been disappeared. They were all transferred to an unknown address.
Not only them but many users became a victim of this phishing attack especially the ones who were using fairly old version of electrum. Users received this error message particularly when broadcasting the transaction. Since the message appeared in their electrum wallet client they thought it is an official warning. Moreover the Github URL in the in app message seemed legit. So they click the link from the popup message which redirected users to fake Github page. They then downloaded the fake client, installed it and lost all of their Bitcoins.
It is reported that the hacker stole around 245 BTC from many electrum users which was worth more than $888000 at that time. The electrum wallet developers were aware about this hack and shortly after this incident they came up with a patch and released a new wallet version. Also they took down the fake Github repository.
There is an ongoing phishing attack against Electrum users. Our official website is https://t.co/aHiZIZH54e Do not download Electrum from any other source. More on the attack here: https://t.co/x5mPVspKfO
— Electrum (@ElectrumWallet) December 27, 2018
So is the electrum Bitcoin wallet weak in terms of security? Should I move my coins to QT and how this all happened?
Electrum wallet hack explained
Electrum is a Lite Bitcoin wallet which does not require you to download the blockchain to your local computer. Instead it relies on multiple blockchain servers that are available online. These servers are nothing but nodes which can be setup and operated by anyone. When you initiate a transaction, your wallet connects to one of these nodes to broadcast your transaction. In case if the transaction cannot be performed for any reason (for example low fees)then the online server will respond with the error message stating the reason.
Now the hacker took advantage of this feature. First the attacker setup multiple fake and malicious servers on the electrum network. Users who attempt to broadcast transaction and those whose wallets that are connected to these servers will not actually process the Bitcoin transaction. Instead it returns an error message in the client stating that their software is outdated and they need to update it to latest version. In the same error message the hacker also provided the link to their Github repository. Users who fell for this phishing message downloaded and installed the fake electrum wallet client from the hackers Github page which is actually a malware that is designed to steel Bitcoin from users computers.
The thing is the unofficial electrum website, the malicious wallet software and the Github page were all designed to look same as the original one. As a result many users easily fell for this scam.
More about this hack can be found in the following links:
Even though this issue is fixed in the recent release there are many other ways that a hacker tries to steal your coins. Remember that this is Bitcoin – A peer to peer technology which operates without any central authority. The issuing of Bitcoins and transactions are carried out by the network. The software is open source, nobody owns or has control over the Bitcoin network. In a system like this where there is no trusted third party you are the only one completely responsible for your funds.
Now coming to Electrum – It is one of the oldest Bitcoin wallet and is popular as well. Also note that it is an open source non-profit application. If you downloaded a malicious software from a random website then there is nothing anyone can do to help you. Not even the developers of the electrum wallet. Most likely your Bitcoins are permanently gone.
For your own safety here are some security measures which you must ensure before updating your electrum wallet software.
1. Never ever download wallet software from unauthorized Github repository or unofficial website or sources. Following are the original links to the Bitcoin electrum wallet.
- Official website: https://electrum.org/
- Download electrum latest release: https://electrum.org/#download
- Original Github: https://github.com/spesmilo/electrum
2. To reduce the risk of running a malicious software it is better that you verify the authenticity of the Electrum software before you use them.
3. If you see any error or popup message in your web browser or in the electrum wallet client then do not take any action. It could be a malware so just visit the official website or forum to find out what it means.
4. Electrum.org is a electrum wallet for Bitcoin only. You’ll also come across other variants of electrum wallets online. But those wallets are developed for other cryptocurrencies and not Bitcoin. Particularly some of the variants are designed to steal Bitcoins from user computers.
So again remember to not download Bitcoin electrum wallet from any other website other than electrum.org
5. Always ensure that you have a copy of your wallet seed before performing an upgrade.
Alright! Now let’s see how to update electrum wallet.
Updating Electrum wallet
The process of upgrading your Electrum wallet software is quite straightforward. But as we said; before updating make sure you have the backup of your wallet seed (12 word mnemonic seed) which is the most important step.
Note on seed phrase: Mnemonic seed is all you need to restore your wallet completely. If you lose it you lose access to your BTC. This seed word is confidential so do not expose them online which if you do so one will be able to easily get access to your Bitcoins. So be cautious.
Note: This guide is only for Windows users. We’ll make a separate guide for Ubuntu and tails.
Head to https://electrum.org/#download (be sure it is correct https site) and download the latest Windows Installer or Standalone Executable file.
Standalone Executable: Now if you have downloaded the Standalone Executable then just open the file. It will automatically open the last wallet file which you had opened in your previous wallet version. Just put in your password to access your wallet.
Windows Installer: If it is Windows installer file then just run the setup.exe file. You can choose a new folder location or the same folder where you’ve previously installed your wallet. The installation will replace all those previous electrum files.
Note: The core wallet files are stored in a separate location. So updating your wallet software or removing the old version will not affect your wallet files in anyway. It will not touch your keys. However the wallet upgrade might modify the format of your wallet files. If it is modified then they are not backward compatible meaning you’ll not be able to open the same wallet with an earlier version electrum software. So remember not to downgrade Electrum wallet to older version once you have upgraded.
We hope that anyone who is looking to update their Bitcoin electrum wallet will find this guide helpful. If you got any questions regarding the electrum wallet then please let us know in the comments section.