A vulnerability has been found and fixed in the Electrum wallet, both for the Bitcoin and Dash versions.
The bitcoin wallet Electrum allows any website to steal your bitcoins. I was gonna report it…but there was already an open issue from last year. I pointed out this is kinda critical, and they made a new release within a few hours. Update to 3.0.4 if you use it.
— Tavis Ormandy (@taviso) January 7, 2018
Vulnerability also affected the Dash Electrum wallet, which has also been patched
As this vulnerability dates back several years, it also affects the Dash version of the Electrum wallet. Luckily, the Dash Core team has issued a patch to fix this vulnerability as well. Users should update to the latest version as soon as possible in order to avoid risks.
— DASH (@Dashpay) January 8, 2018
The need for strong security cannot be overstated
The priority of implementing strong security practices is imperative in a cryptocurrency ecosystem where users are responsible for their own funds. Users should be careful with trusting wallets that do not allow them to have control over their own private keys, password protect their wallets, and maintain top security and control over their devices. Users should also take care when buying hardware wallets from third-party resellers (one victim lost life savings due to a tampered-with device) and buy directly from the trusted manufacturer.