diff options
authorsajolida <>2019-03-19 18:04:57 +0000
committersajolida <>2019-03-19 18:04:57 +0000
commit364003d9f713116322cae18017289cd69399ae67 (patch)
parent5adf329dd545ad87d0283c52e9750a12a73885ef (diff)
Explain the Electrum phishing attack and its consequences in Tails (#16565)
4 files changed, 39 insertions, 0 deletions
diff --git a/wiki/src/doc/anonymous_internet/electrum.mdwn b/wiki/src/doc/anonymous_internet/electrum.mdwn
index fd91067..5a517e7 100644
--- a/wiki/src/doc/anonymous_internet/electrum.mdwn
+++ b/wiki/src/doc/anonymous_internet/electrum.mdwn
@@ -26,6 +26,12 @@ For an explanation of how Bitcoin works in simple terms, read
[The In-Depth Guide to Bitcoin That Won’t Leave You
+<div class="bug">
+[[!inline pages="doc/anonymous_internet/electrum/phishing.inline" raw="yes" sort="age"]]
<div class="caution">
<p>Bitcoin is <a href="">not
diff --git a/wiki/src/doc/anonymous_internet/electrum/phishing.inline.mdwn b/wiki/src/doc/anonymous_internet/electrum/phishing.inline.mdwn
new file mode 100644
index 0000000..65639e4
--- /dev/null
+++ b/wiki/src/doc/anonymous_internet/electrum/phishing.inline.mdwn
@@ -0,0 +1,25 @@
+<p><strong><span class="application">Electrum</span> in Tails cannot connect
+anymore to Electrum servers.</strong></p>
+<p>The version of <span class="application">Electrum</span> in Tails is
+vulnerable to a <a href="">phishing
+attack that tricks people in updating to a malicious version of
+<span class="application">Electrum</span></a> which is not distributed from the
+official Electrum website.</p>
+<p><strong>You are safe unless you try to do the malicious update
+<p>To prevent this phishing attack, all trustworthy
+<span class="application">Electrum</span> servers now prevent
+older versions from connecting to them.</p>
+<p>Unfortunately, newer versions of <span class="application">Electrum</span>
+are not available in Debian and cannot be integrated easily in Tails. Given the
+lack of maintenance of Electrum in Debian, we are still
+<a href="">assessing
+what is best to do in Tails</a>.</p>
+<p>Until then, your wallet is not lost and you can restore it from its seed
+using an <a href="">up-to-date version of
+Electrum</a> outside of Tails.</p>
diff --git a/wiki/src/news/version_3.13.mdwn b/wiki/src/news/version_3.13.mdwn
index 76b42e6..acf922e 100644
--- a/wiki/src/news/version_3.13.mdwn
+++ b/wiki/src/news/version_3.13.mdwn
@@ -61,6 +61,10 @@ For more details, read our [[!tails_gitweb debian/changelog desc="changelog"]].
# Known issues
+### Electrum is outdated and cannot connect to servers
+[[!inline pages="doc/anonymous_internet/electrum/phishing.inline" raw="yes" sort="age"]]
### Tails fails to start a second time on some computers ([[!tails_ticket 16389]])
On some computers, after installing Tails to a USB stick,
diff --git a/wiki/src/support/known_issues.mdwn b/wiki/src/support/known_issues.mdwn
index 7833dd5..710c236 100644
--- a/wiki/src/support/known_issues.mdwn
+++ b/wiki/src/support/known_issues.mdwn
@@ -851,3 +851,7 @@ To fix this problem, add `intel_idle.max_cstate=1` to the
If the sound output does not work on an Acer Aspire One laptop, add
`snd-hda-intel.model=acer-aspire` to the [[startup
+## Electrum is outdated and cannot connect to servers
+[[!inline pages="doc/anonymous_internet/electrum/phishing.inline" raw="yes" sort="age"]]