The price of bitcoin plunged Thursday after it was revealed that a bitcoin wallet provider had been hacked.

According to a report today in ZDNet, a hacker or hacking group has stolen at least 200 bitcoin, worth around $720,000, from users of Electrum Bitcoin, an open-source bitcoin client based on a client-server protocol.

Those behind the hack tricked users to download and install a malicious software update. They did so by adding malicious servers to Electrum’s network that if contacted would result in an error message followed by an update client message that linked to an unauthorized GitHub repository.

Once the malicious software was downloaded, users were prompted to provide a two-factor authentication code allowing those behind the hack to transfer bitcoin hosted by the victim to their own bitcoin wallet.

The hackers first targeted Electrum Bitcoin users on Dec. 21. Although GitHub has suspended the repository being used to upload the malicious client, the Electrum administrators think it’s likely that the hackers will try again, either via a new GitHub repository or a link to another download location.

“There is an ongoing attack against users where servers raise exceptions when a client broadcasts a transaction,” an Electrum admin wrote on their support forum. “In this case the error text is displayed as is in the client GUI. The attacker has spawned lots of servers on different /16 IPv4s to increase his chances of being connected to. The error messages are trying to get the user to download and install malware (disguised as updated versions of electrum).”

The amount stolen so far is relatively small in the history of bitcoin hacks, but the market didn’t take the news well. The price of bitcoin, having already switched back to a bear market following the so-called “Santa Claus rally” last week, plunged again.

Bitcoin was trading at about $3,604 as of 10 p.m. EST, down from a 24-hour high of $3,782 and well down from its weekly high of $4,214 Dec. 24.

Photo: Pixabay