A vulnerability has been found and fixed in the Electrum wallet, both for the Bitcoin and Dash versions.

Electrum, a popular light wallet for Bitcoin, was recently found to have a critical vulnerability dating back two years. The vulnerability allowed for an attacker to use JavaScript to steal Bitcoin from the wallet, as long as the wallet was unencrypted without a password. The vulnerability was first disclosed late last year, but did not get patched until the last few days.

Vulnerability also affected the Dash Electrum wallet, which has also been patched

As this vulnerability dates back several years, it also affects the Dash version of the Electrum wallet. Luckily, the Dash Core team has issued a patch to fix this vulnerability as well. Users should update to the latest version as soon as possible in order to avoid risks.

The need for strong security cannot be overstated

The priority of implementing strong security practices is imperative in a cryptocurrency ecosystem where users are responsible for their own funds. Users should be careful with trusting wallets that do not allow them to have control over their own private keys, password protect their wallets, and maintain top security and control over their devices. Users should also take care when buying hardware wallets from third-party resellers (one victim lost life savings due to a tampered-with device) and buy directly from the trusted manufacturer.